The holiday season can be a very busy time for many people, but it is also a busy time for cyber criminals. There are a lot of online scams going around this time of year, looking to take advantage of increased shopping activity and people’s generosity. We’ve listed some tips and warnings about some of the most common scams.
Fake Retailer Websites
A counterfeit website which mimics the site of a real retailer using similar layouts, color schemes, graphics and logos. Sites like these have been known to send low quality merchandise that doesn’t work or falls apart, or simply send nothing at all and just simply steal the personal and financial information you provide them.
We’ve all heard the old adage “If it’s too good to be true, then it probably is.” This certainly applies to online advertising. If I saw an ad offering a Rolex watch for $100, for example, I would be very suspicious. Even if you didn’t end up buying anything from the site, simply clicking the link could install malware onto your system.
Over this past year there have been several data breaches from some major retailers. Many of these breaches were due to malware inside the Point-Of-Sale devices. When a card is swiped through, the malware will send a copy of your card information to the malware creators. The best way to protect yourself is to be diligent in checking the transaction history of your accounts. If you notice any unintended purchases, contact your financial institution immediately.
Many people will buy or receive new phones, tablets, USB drives, or other devices this holiday season. Devices like these can get infected with malware. Connecting your device to your work computer (even just to charge the battery) could wreak havoc on your company’s servers and systems. Make sure to check with your IT department about BYOD (Bring Your Own Device) policies.
Holiday shopping may mean hitting up the ATM. Before inserting your card, double-check to make sure that the ATM hasn’t been compromised. If the keypad, card slot, or cover look different or loose, a device (or malware) may have been installed to steal your banking information. Another ATM tip is to cover the keypad with one hand while entering your PIN with the other. Criminals have been known to install tiny cameras in ATMs in order to find out your PIN.
While it may be convenient to sit down at your local coffee shop and use their internet connection, you should be very cautious of what information you send over their free Wi-Fi. Systems like this are usually not very secure, and someone could steal your information with little effort. Never do banking or online shopping on public Wi-Fi.
Shop only on secure websites
A lot of holiday shopping is done online – make sure that the site you are shopping on is secure. Look at the website address at the top of your web browser. If the URL begins with ‘https://’ then you know that they are encrypting your sensitive information. If the URL begins with ‘http://’ then the website is not using encryption. Additionally, most major browsers will display a lock icon in the address bar. You can click this lock to get more detailed information about the website.
Make sure to do your homework on any charitable organization before donating. Their name and website may seem legitimate, but it could be someone trying to take advantage of your generosity and scam you out of money.
Some things to be wary of on social media sites such as Facebook and Twitter:
· Phony Profiles
A random person sends you a friend request. Even if their profile looks legitimate, you shouldn’t click that ‘Accept’ button quite yet. That new ‘friend’ could be a criminal after your data, and accepting their friend request gives them access to your personal info, posts, and your list of friends. Make sure that you only accept friend requests from people you actually know; otherwise you’re opening yourself up for an attack.
· Hacked Profiles
You see that one of your friends posted a link claiming that they got a free XBox for filling out a survey. In reality, someone has hacked their account and posted this malicious link. Contact your friend immediately and have them change their password.
Email is a very popular way for criminals to try to infect your system. Here are some of the more common email scams:
· Malicious e-cards
Looks like a simple greeting card, but downloads malware when you open it.
· Grandparent scams
Scammers target the elderly with an email from a “stranded” grandchild claiming to need money wired to them.
· Letters from Santa
An offer to send your child a personal letter from Santa Claus may be a phishing scheme to collect personal information.
· Bank Account scam
An email seemingly coming from your financial institution which informs you that your bank account has been compromised. You are given a link to follow or a phone number to call in order to verify your account information.
· Shipping notification/Order confirmation
You receive an email claiming to be an order confirmation or package tracking number. Make sure that the email is actually from a retailer you have ordered from before clicking any links within.
· Golden rules of Email
Do not follow unsolicited links
Do not open unsolicited attachments
NEVER send any financial information through email