How to avoid holiday scams
The holiday season is supposed to be the most fun part of the year, right? However, oftentimes it gets overshadowed by stress and the rush to find the perfect gifts for your loved ones. And if that wasn’t enough, malicious actors are lurking in the shadows, keen on using the Christmas shopping fever to their advantage. So to keep your Christmas spirit strong, let’s look at some of the more popular holiday scams and the ways to avoid them.
What are holiday scams? ??
Holiday scams are those scams that take advantage of the Black Friday and Christmas season. They are typical online scams (for example, gift card scams or online shopping scams) that become harder to notice during the holiday shopping craze. Since online shoppers are often distracted by the rush to get the best deals as quickly as possible, they may fall for unrealistic discounts, fake charities, or travel deals that look too good to be true. That increases the scammer's chance of success, making the holiday season the best time to try and steal money or sensitive data.?
And that’s not just a hypothesis — according to credit protection experts, the number of fraud attempts identified throughout the 2023 holiday season exceeded the rest of the year by 49.6%. With $10 billion reported lost to scams in the US in 2023 alone (FTC data) there’s no doubt that the holiday season is a gold mine for scammers worldwide.
How do holiday scams work? ??
Holiday scams work by exploiting the target’s lack of focus. Since the holiday season kicks off with the Black Friday and Cyber Monday sales, online shoppers may get distracted by attractive deals and lower their guard against offers that seem too good to be true. That provides scammers an opening to approach their targets with fake gift cards, malicious shopping links, and other “deals” that lead to fraudulent transactions or fake websites.
Another factor that works in scammers’ favor is the rush that comes with Christmas gift shopping. The need to take care of this chore may cause individuals to give in to a false sense of urgency, which is one of the key tactics of most online scams. Malicious actors can use this stress to put additional pressure on targets with phishing emails, including “limited offers” or messages with phrases like “your shipment was aborted due to overdue payment. Sign in to your account to finish the transaction by clicking here [link].” In reality however, these links lead to fake websites designed to steal user credentials and perform identity theft.
Holiday scams to watch out for ??
Scammers have tons of holiday scams up their sleeves. From fake social media giveaways to phishing links, here are the most common types of holiday scams to watch out for.
Gift card scams ??
Gift card scams are one of the most popular types of fraud during the holiday period. Since? retailers go above and beyond to provide customers with a variety of gift cards, scammers use that opportunity to slip in fakes, typically sending them to you via email. Gift card scams entice people to click on links to claim their “free” gift card. If the target falls for the ruse and follows the link, they get taken to a fake website where scammers can steal their sensitive data (such as login credentials) or download malware onto the target’s system. Steam card scams and Amazon scams are among the most widespread gift card scams.?
Fake charity scams ??
Many people feel the urge to do something good for their community during the holiday season. Scammers may use that feeling of generosity to trick people into participating in fake charity scams — a type of fraud designed to lure people into believing a story of distress and getting them to donate by taking advantage of their kindness. Typical scenarios for these scams include made-up tearjerker stories or rallies to support victims of a recent tragedy (such as a natural disaster or terrorist attack). Targets are encouraged to wire money through suspicious web pages or make transactions to private bank accounts.
Phishing scams ??
Phishing scams are one of (if not the) most widespread types of online fraud worldwide. They’re basically malicious links that scammers send you via phone or email to try and lure you into clicking on them and exposing your sensitive data. Sometimes phishing links can also be gateways to downloading malware. Typical signs of a phishing scam include promises that are too good to be true, messages that urge you to take quick action, and suspicious URLs or email handles.
Online shopping scams ??
Online shopping is a staple of the 21st century. However, with millions of shoppers surfing online stores every day, it becomes increasingly difficult to ensure safe online shopping, especially during the holiday season. Scammers may use online shopping scams such as fake websites (replicas of reputable online retailers) to trick shoppers into providing login credentials or pretend to sell items that will never ship out (also known as non-delivery scams). All for one goal — to steal your money.
Travel deal scams ??
Planning a getaway for the holiday season? Be wary of travel deal scams. Malicious actors may try to approach their targets with fake travel deals, which often sound too good to be true. Along with unrealistic promises, these deals are likely to include phishing links or requests to wire money to specific private bank accounts.?
Delivery notification scams ??
Delivery notification scams can be dangerous because they often catch their targets off guard. Since a good part of the holiday season is about online gift shopping, it’s natural that people may be on the lookout for delivery notifications. That provides scammers a chance to slip them phishing links, disguising themselves as representatives of reputable delivery companies. Malicious actors may use UPS, USPS, and other companies’ branding materials to trick people into engaging with their urgent delivery messages (such as notifications about postponed or canceled deliveries). With their guard lowered, the targets can easily be manipulated into providing sensitive information or transferring money.
领英推荐
Fake shops ???
Scammers love to use fake shops as a means to trick people into transferring money or submitting login credentials. And they do a pretty good job of creating replicas of well-known online retailers too. The victims of fake shop scams often fail to see suspicious details (such as weird website URLs or prices that seem too good to be true) and order goods that will never be shipped out. Of course, when the target realizes they’ve been duped, the scammers (and fake shops) are long gone, leaving the victim without as much as a piece of coal in their Christmas stocking.
Social media giveaway scams ??
Social media giveaway scams include Facebook scams, which become popular during the holiday season. Scammers post giveaways on social media sites pretending to give out items, gift cards, and other types of goods in exchange for users clicking on a specific link and sharing the posts with their friends. Needless to say, these links lead to a phishing site, exposing users’ sensitive data to scammers.?
What to do if you’ve been scammed this holiday season ??
If you’ve a reason to believe you’ve been scammed, follow these steps to mitigate the damage:
1?? Change your passwords. If you’ve entered your login credentials in a fake website, change them immediately. This will help you safeguard from account hijacking.
2?? Enable two-factor authentication (2FA). If you haven’t, enable 2FA on your online service accounts to add an extra layer of security for stopping unauthorized transactions.
3?? Contact your bank. If you have a reason to believe that scammers may have access to your financial accounts, inform your bank immediately. The bank will freeze your credit card and monitor your account for unusual transactions, protecting you from potential money loss.
4?? Report the scam to law enforcement institutions. If you’ve notified your bank about the scam, you should also report phishing scams to agencies such as the Federal Trade Commission (in the US) or Action Fraud (in the UK). These agencies deal with online scams and may offer you additional support when dealing with the aftermath of the scam.
5?? Seek emotional support (if needed). The holiday season can be stressful and getting scammed does not add to the festive spirit. Consider seeking emotional help to deal with the aftermath of a scam. While the situation can sometimes look bleak, seeking support might help you feel better.?
Tips on how can you protect yourself from holiday scams ??
? Look for design flaws and spelling mistakes when shopping online. Fake shopping websites often come with spelling, grammar, or design errors. If you notice any of these signs, leave the website and do not return until you’ve double-checked its authenticity (by checking the URL or visiting the official website of the shop in question in another browser tab to make sure it looks the same).
? Be wary of ridiculously low prices. Scammers often try to force targets into action by offering unbelievably generous holiday deals. Always remember — if the price seems too good to be true, it most likely is.
? Check return and refund policies. Fake websites often don’t have (or have unclear) product return policies. If the website is missing one, that’s a red flag.
? Use strong passwords. While most holiday scams rely on stealing your password, sometimes scammers may breach your online accounts without even having to go through you. Safeguarding your online presence with strong passwords helps you reduce the risk of successful brute force attacks and adds to your cybersecurity. If you need help storing or coming up with strong passwords, Nordpass will provide you a more than suitable place to stash your passwords while also offering a strong password generator.
? Avoid clicking on suspicious links. If you get emails or text messages with suspicious links, do not click them. If you click on a phishing link, do not type or click on anything on the website, exit it immediately, and (if you’ve opened the link via email) change your email account’s password, just in case. Additionally, if you’ve doubts about the URL’s legitimacy, you can also use an online link checker tool to test its safety.
? Use 2FA. Currently, 2FA is the one of the best cybersecurity solutions for detecting unauthorized login attempts in real time. Enable it on all your online accounts and be sure to reject all unknown authorization requests.
? Avoid using public Wi-Fi hotspots for transactions. Public Wi-Fi hotspots may be free, but they’re also a perfect hiding spot for malicious actors. Since these networks are open, hackers can access them undisturbed and lurk there, tracking users’ traffic, injecting malware, or stealing sensitive information. That’s why it’s better to avoid open Wi-Fi networks, especially when transferring money.
? Use a VPN. A VPN encrypts your online traffic, making it inaccessible to malicious actors. That provides more online safety when browsing public Wi-Fi hotspots or browsing in countries that tend to apply strict monitoring or censorship laws. Using services such as NordVPN adds benefits such as Threat Protection Pro? — a feature designed to block malicious websites, phishing links, and downloads that can contain malware.
? Educate others. The more we talk about cybersecurity, the higher the chances people will learn to recognize and protect themselves from online threats. With online fraud numbers rising, it’s vital to continue learning and practicing healthy cybersecurity habits so that we, our friends, and our loved ones can enjoy the holiday season (and online browsing in general) without falling victim to online scams.