As the end of the year draws closer, we take a look at the festive themed scams that will be plaguing Internet users in 2014.
Where will you see it? On Facebook.
What will it ask me to do? Share a Facebook post and possibly complete surveys
Scammers see Christmas as a great opportunity to lure Facebook users into Liking their Facebook page, sharing their Facebook posts, visiting external links and completing information-harvesting surveys.
They do this with the bait of competitions and giveaways which – according to viral Facebook posts – you can enter by sharing a post on Facebook, or liking a post on Facebook. Or commenting on a post on Facebook… you get the idea.
High store vouchers and the latest must-have “unsealed” electronics are popular bait. See our full article on Facebook giveaway scams here.
Where will you see it? You email account.
What will it ask me to do? Open an email attachment
Typically initiated via email, the package delivery scam is present all year round, but especially prevalent over Christmas. This is because scammers know a higher number of parcels will be delivered to households around the world.
The scammer sends an email laced with a malicious email attachment that, when opened, will infect a computer with malware. The email will claim that a courier tried and failed to deliver a parcel and in order to rearrange the delivery the victim must open the attachment.
People are more likely to fall for this scam because a high number of people are indeed expecting packages to be delivered during the run-up to Christmas.
No courier we know of needs someone to open an attachment to arrange a redelivery. So you know this will always be a scam.
Where will you see it? You email account or social media link.
What will it ask me to do? Visit a website or open an email attachment
Sending E-cards is quite the 21st century tradition, and for many it replaces traditional paper based Christmas cards.
But be warned of suspicious links or emails asserting to have an E-card for you – it could be a trap. Always confirm with the sender that the E-card was from them, and never open anonymous greetings.
Also never download software to your computer or allow anything to run on your computer in order to view the E-card.
Where will you see it? On the interwebs, but it can be linked to from almost anywhere.
What will it ask me to do? Buy stuff
Fake retail websites are, unsurprisingly, common over Christmas, offering unbeatable deals on all the latest must-have products.
But on the Internet if it seems too good to be true, then it usually is.
Lots of these sites are fake – plain and simple – and won’t send you nada. Others – especially ones operating out of China and Russia – will send knock-off goods or hide costs.
Stick to reputable, trusted sites and be wary if the deal seems a little too good…
Where will you see it? Your email account.
What will it ask me to do? Open an attachment
Amazon is the largest online retailer so needless to say it will be extremely busy this time of year. Any regular Amazon user will know that every time you buy something on Amazon they’ll send a receipt to your email address.
This makes this scam particularly successful. The email will lure readers into opening a malicious email attachment containing malware. Users who recently bought something on Amazon will assume it is the genuine receipt from their purchase. Those users who haven’t bought anything from Amazon will naturally be curious as to the contents of the attachment and will likely open it anyway.
Amazon actually sends receipts without attachments. You can read the details on the email itself. So emails with attachments shouldn’t be opened. This scam can target other popular online retailers as well.
Where will you see it? Your email account or social media account.
What will it ask me to do? Visit a website and login
Phishing scams are one of the evergreen, popular scams online, and many phishing scammers will be gearing themselves up for their festive versions.
Sites like Amazon and online banking sites are often used as bait to lure victims into spoof websites that ask for your login information which is them stolen.
Examples will be numerous, but the evergreen advice is to always ensure you are on the correct website before entering login information.
Where will you see it? Your email account or social media account.
What will it ask me to do? Donate to charity
Charitable organisations receive more donations as the festive period draws closer, and scammers certainly don’t ignore this.
Watch out for fake emails or social media links leading to fake charity websites. These sites will steal any donations and possibly your information as well, leading to identity fraud.
Don’t respond directly to emails or social media links. Visit the websites of a charity directly.
Where will you see it? You won’t.
What will it ask me to do? It won’t.
Identity theft criminals will be lurking this Christmas, spying on you and trying to get your sensitive information.
One of the more popular ways of doing that is with keylogging malware that records the information you type into your computer (like your credit card information or online banking information, or even your Amazon account login information.)
Keylogging infections can happen a number of different ways (click here for the 5 most common ways) and when it infects a computer then everything you type into that computer is at risk.
This is why it is important to run regular scans with you security software.
This is also why you shouldn’t shop on computers that are available to member of the public.
Where will you see it? On your email, website advertisements and social media links.
What will it ask me to do? Sign up for a work-from-home opportunity.
Everyone would love a little extra cash as the holidays approach, and scammers certainly take advantage of this fact.
A surge of work-from-home opportunities always come out of the woodwork as the end of the year approaches, promising easy money for little effort with work-from-home kits that claim to provide extra cash just by, for example, posting links or filling out questionnaires – even by being a mystery shopper!
However these “opportunities” are hardly ever legitimate and usually just sell you useless information or software.
Where will you see it? You won’t.
What will it ask me to do? It won’t.
Many people choose to go away for the holidays, and with the dawn of social media this information is often publicised for all to see.
But be aware – criminals are on the lookout for easy targets around the Christmas period. We’ve all seen the Home Alone movie that sees a couple of bungling criminals stalking empty houses. Well with social media they needn’t both dressing up as police officers to find out what a households vacation plans are – most people tend to publish the information on their Twitter or Facebook accounts for all to see.
Avoid publishing your vacation plans on social media and if you do ensure that only your friends can see it (but we still recommend not doing it!)
Where will you see it? Your email account.
What will it ask me to do? Respond to claim your winnings.
“419 Nigerian” advance fee fraud scammers have a “lottery” for all occasions, including Christmas. These scams work by informing a victim they’ve won the lottery. Who wouldn’t want to win a lottery right before Christmas?
Of course once the victim bites, the scam hooks them by luring them to the large cash prize (which isn’t real) but informing the victim they need to pay a series of smaller fees before the big pay-out.
It’s typical advance fee fraud in its execution and template. Remember, you can only win a lottery you entered and NEVER pay to get a prize.
Where will you see it? In search engine results, website advertisements or email in your account.
What will it ask me to do? Download free festive themed goodies.
Christmas themed E-cards, screensavers, desktop backgrounds and ringtones are all popular over Christmas, but a large percentage of them harbour malware.
Scammers often target search engines to make their malicious webpages appear at the top of certain festive themed phrases.
Have your security software up-to-date and only download files from reputable websites.