Skip to main content
Routing # 307075259

Holiday Scams to Watch Out For


As we begin to get into the holiday spirit, it’s important to remember that while the holiday season brings holiday shopping, it also brings about holiday shopping scams. Retailers try to take advantage of the shopping spirit and cybercriminals capitalize on this by creating phishing campaigns and fake shopping sites.

These sites may have lookalike domains and some pretty amazing deals, which is one of the biggest warning signs for a scam. If it is too good to be true, it probably is. Doing a quick Google search on any website that has "amazing deals" should pull enough results to let you know whether or not it is a scam.

Do-jacking and typosquatting happen when a cybercriminal uses a domain name that is very close to a popular site’s address. Often, the fake website collects information to use for other nefarious purposes or to sell on the underground markets. Sometimes, its purpose is to download malware onto a visitor’s computer or device, which can happen within seconds, this is called a “drive-by download.”

In a study by FairWinds Partners, 80% of lookalike domain sites see a significant increase in traffic during the holidays. The way these attacks happens is simply by taking advantage of mistakes. Perhaps a letter is added to a site name, like barnesandnobles.com (the real one being without the “s” on the end). With a quick glance, the user likely won’t notice the subtle difference.

Domain Security Framework

It’s advised that before shopping online or entering any confidential, sensitive, or personally identifiable information into a website, you do a little more investigating to ensure everything is up to par.

Phishing scams and malvertising are also on the rise this time of year. Phishing is a type of online scam that targets consumers by sending them an e-mail that appears to be from a well-known source and asks for personal identifying information. Malvertising uses what looks like legitimate online advertising to distribute malware and other threats with little to no user interaction required; and the ads can appear on any site, even the ones you visit as part of your everyday internet browsing. As a general rule of thumb, don’t click on suspicious links found in email messages or ads that pop up on the side of your web browser.

Here are some of the most common ways that scammers target you during the holidays:

  • Social media ads that lead to fake online stores.
  • Scammers send fake text messages claiming that a package you’re waiting for has been delayed or that you need to pay a fee before it can be delivered. ‍
  • Many schemes take advantage of popular holiday items or inflated travel costs to get you to buy fake tickets or items.

How To Avoid Online Holiday Scams

  • Research retailers before shopping. Search an unknown company’s name on the BBB’s Scam Tracker website and look for complaints or warnings about scams. ‍
  • Be wary of unfamiliar emails and texts. Don’t open attachments or click on links if you don’t know the sender. Also, never provide sensitive information through email.
  • Watch out for scam phone calls. Scammers engage in all types of phone scams at this time of year (also known as “vishing”). When in doubt, hang up and call the company or agency using their official phone number. ‍
  • Monitor your online bank statements. During the holidays, it's easy to let money flow in and out of your accounts without paying much attention. Check your accounts regularly for suspicious activity.‍
  • Use credit cards for your online purchases. If someone scams you using your credit card numbers, you have a better chance of getting your money back.
  • Always make sure your devices are equipped with anti-malware and anti-virus software or applications and are always updated. This includes all mobile devices on any operating system.

Don’t let scammers spoil your holiday spirit! If you follow the tips above and remain cautious of those too good to be true deals, you’ll be able to accomplish your holiday shopping and stay safe.  Be sure to visit our Security Center to learn more about cyber security, protecting your credit, and how to avoid fraud & scams.  

 

Sources and enhancements by Credit Unio of Denver

https://www.stickleyonsecurity.com/home

https://www.aura.com/learn/holiday-scams

https://fairwindspartners.com/

https://www.malwarebytes.com/malvertising

https://www.ftc.gov/news-events/topics/identity-theft/phishing-scams

View All Blog Posts