Tips for Avoiding Common Holiday Cyberscams

November 28, 2022

For many of us, the holiday season is a wonderful time of year. Unfortunately, it can also be an especially profitable time for cybercriminals. With many consumers shopping online, we almost always see a significant increase in cyberscams during November and December. To help you avoid becoming a victim of holiday cybercrime, watch out for these common scams.

1. Fraudulent shipping notices. It’s very likely that you will ship at least a couple of gift packages directly to your loved ones or have online purchases sent to your home. This makes the shipping notice scam a popular one for cyberscrooges. Here’s how it works: The scammer crafts an e-mail, purportedly coming from UPS or FedEx, notifying you of a problem delivering your package. To resolve the issue, it says, you need only click on a link in the e-mail message or open an attached invoice. Of course, doing so will install malware or ransomware on your computer or device—not put you in contact with an actual delivery service.

Don’t fall for it. Be particularly wary of e-mails claiming to come from any courier service. If you receive a message like the one described above—regardless of whether you believe it’s legitimate—go to the website of the company with which you placed the order. You should be able to track your package from the retailer’s site. Use the tracking number for the courier service that the retailer provides. You can also go directly to UPS.com or FedEx.com and check the delivery status there. Whatever you do, don’t click on any links or download any attachments from the original message.

2. Bogus refund notifications. This phishing scam is designed to steal your personal and financial information. Typically, an email will appear to come from an e-commerce company such as Amazon, eBay, or Overstock and claim that something has gone wrong with your recent order. It will prompt you to click on a link in the message to obtain your refund. Unfortunately, if you do, you will be taken to a dummy website set up to look like a legitimate online store. There, you will be asked to fill out a form with your financial information—allegedly to let the sender know where to issue your refund. Of course, you won’t receive a refund because this is just how the fraudster gains access to accounts.

Don’t fall for it. Again, to check the status of any order you may have placed, go to the company’s website directly (e.g., Amazon.com, eBay.com). If the company doesn’t offer the ability to check an order’s status, verify the transaction by calling the firm at a phone number you know is legitimate.

3. Voucher and gift card giveaways. This scam is seen year-round but more often around the holidays. These bogus offers are most commonly sent by cybercriminals through social media, usually via a friend’s hacked account or a fake company page set up to look legitimate. Appearing to originate from an entity such as Best Buy, IKEA, or Whole Foods, the offer claims that the company is giving away hundreds or thousands of dollars in gift cards. If you follow the instructions provided to obtain your gift card, you will actually be led to a phishing form that asks for your personal information.

Don’t fall for it. Remember, if something seems too good to be true, it probably is! If the post appears to come from a friend, call or text him or her to ask if it’s legitimate. In addition, be wary if the “official company page” looks a little off. Check the website’s number of followers. A retailer’s authentic website may have hundreds of thousands or millions of followers. Further, a huge promotion such as the one described in the offer you received would also be listed on the retailer’s website, so check there directly or call the company’s customer service number.

4. Website vendors that take orders but don’t deliver. Many popular and novelty items may be sold out and on backorder until after the holidays, or they may be hard to find from mainstream merchants altogether. So, it’s not uncommon for consumers to search online for a lesser-known vendor that may have the items. But beware! Another favorite holiday scam is staged through shady websites claiming to have hard-to-find items in stock. These sites trick you into paying for the items but have no intention of delivering them. Often, these entities are based overseas.

Don’t fall for it. Search the Better Business Bureau (BBB) website for customer reviews and the accreditations of merchants that are unfamiliar to you. In addition, because not all businesses are listed with the BBB, you might want to hunt elsewhere on the web for reviews posted by other consumers. If you can’t find much information on the vendor, stay away!

More Tips for Protecting Yourself from Holiday Scams

  • If possible, use credit cards for online transactions. If you fall for one of these scams and unknowingly hand over your debit card information, it’s easy for the cybercriminal to drain your bank account quickly. Purchases made with credit cards typically include more consumer protections.
  • If you’re uncertain about the legitimacy of a website, check its safety rating on ScamAdviser.com or URLVoid.com.
  • If searching for an item on a lesser-known merchant’s website, check for spelling and grammatical errors. Such mistakes are red flags indicating that the site is most likely based overseas, which may suggest it’s a scam.
  • Avoid online shopping or conducting any financial transactions over an unsecure Wi-Fi network.

If you have any questions about the information shared here, please feel free to call or email my office.

These hyperlinks are being provided as a courtesy and are for informational purposes only. We make no representation about the completeness or accuracy of information provided at these websites.