Monday, December 8, 2014

Beware of the '12 Online Scams of Christmas'

“Ho, Ho, Ho,” how we delight in imitating Santa Claus, as we embark upon the Christmas shopping season. What should be a merry time for all; includes hackers, scammers and con artists!

As we rush into the Christmas shopping season please take time to think carefully before making your purchases and any charitable donations.

Scammers are always on the prowl for victims with the following scams, consumers are especially vulnerable during the holidays. With so much to do, many otherwise cautious people let their guards down.

Con artists are ready to exploit busy, distracted shoppers -- some desperate to buy popular gift items. They're also ready to "ramp up" their emotional appeals when posing as representatives of real (or real-sounding) charities.

The McAfee company released the results of its 2012 Holiday Online & Mobile Shopping Study as well as the “Twelve Scams of Christmas,” that cyber criminals plan to use to cheat consumers this year. The survey among 2,397 adults, ages 18 and older, revealed the following trends:
  • 70% will do some Christmas shopping online this season.
  • 1 in 4 Americans plan to shop online this Holiday season via mobile (phone/tablet)
  • 13 percent of all Americans will use an app this holiday season to research or purchase holiday gifts.
  • Roughly 41% of American smartphone and/or tablet owners indicate that they have used mobile devices to research or purchase holiday gifts; and 87 percent of them are concerned that their personal information could be stolen while using an app on such devices.’

  1. Social media scams: Scammers can use sites like Facebook and Twitter to scam consumers during the holidays. Be careful when liking Fan Pages, clicking on fake alerts from friends’ accounts that have been hacked, or installing suspicious “holiday deal” apps that give your private data away. Also beware of Twitter ads and special discounts for popular gifts using blind, shortened links.
  2. Malicious Mobile Apps: Be careful not to download a malicious application designed to steal information or send out premium-rate text messages. Make sure that you only download applications from official app stores and check other users’ reviews and the app’s permission policies. 
  3. Travel Scams: Before booking travel arrangements, beware of scams with too-good-to-be-true deals, phony travel webpages with beautiful pictures and rock-bottom prices. The Federal Bureau of Investigation also warns travelers of a hotel Wi-Fi scam where a malicious pop-up ad prompts computer users to install a popular software product before connecting to their hotel Wi-Fi. Do a security software update before traveling, to guard against the latest scams.
  4. Holiday Spam/Phishing: Cheap Rolex watches and pharmaceuticals may be advertised as the “perfect gift” while holiday-themed phishing emails may try to trick you into revealing financial or personal details by posing as an offer from a legitimate business.  
  5. The new iPad, iPhone 5, and other hot holiday gift scams: Cybercrooks are likely to mention must-have holiday gifts in dangerous links, phony contests and phishing emails.  
  6. Skype Message Scare: A new Skype message scam attempts to infect victims' machines, and hold their files for ransom. The threat appears as a Skype instant message with the scam line “Lol is this your new profile pic?” Clicking on the link downloads a Trojan onto the computer. 
  7. Bogus gift cards: Be wary of buying gift cards from third parties and buy instead from the official retailer.  
  8. Holiday SMiShing or phishing via text message: The scammer tries to lure you into revealing information by pretending to be a legitimate organization.  
  9. Phony E-tailers: Phony e-commerce sites that appear real will try to lure you into typing in your credit card number and other personal details.
  10. Fake charities: Cybercriminals may try to fool you into thinking that they are a real charity, such as the Red Cross, with a "stolen logo and copycat text." It is safer to visit the charity’s legitimate website. 
  11. Dangerous e-cards: Some are malicious and may contain spyware or viruses, or download a Trojan.  
  12. Phony classifieds: Phony offers may ask for too much personal information or ask you to wire funds via Western Union.



By: Ken Hartley
Security/Loss Prevention Officer