How to Stay Cyber Safe During the Holidays
The holiday season is a time of togetherness for most people. It’s also a time of increased spending and travel, both of which contribute to higher levels of stress. As people rush to get everything done in time for holiday celebrations, cybercriminals take advantage of the busy season to craft cleaver scams to catch distracted people off their guard.
Cybercriminals have been successful in exploiting distracted shoppers. Last year, almost 75% of Americans experienced at least one type of holiday scam. In 2022 overall, the FBI found that Americans lost over $281 million to online shopping and non-delivery scams.
To help keep you cyber safe this holiday season, we’ve compiled some of the top holiday scams to look out for with recommendations on how to guard against them.
Social Media Scams
There’s been an increase in social media ads that lead people to fake online stores. By tracking trends, cybercriminals can create fake ads for hard-to-find items that lead people to websites imitating what someone would expect when purchasing the item. These fraudulent websites can steal your money, personal information and banking information – all of which can be used in future scams. Cybercriminals craft these ads based on the social engineering tactic of scarcity and prey on the emotion of surprise.
To verify the legitimacy of an ad or website, take a moment to consider if this offer is too good to be true. For example, if this item has been sold out for months, what are the chances that it’s now back in stock for a reduced price? Before you follow the link in the ad, check the website directly by searching for it online.
Fake Delivery Notifications
As people rush to get their shopping done in time, cybercriminals take advantage of this trend by sending fake delivery notifications to anxious shoppers. These notifications can take the form of text messages, emails or phone calls claiming that a package they’re waiting for has been delayed or that they need to pay a fee for it to be delivered. Fake delivery notifications prey on the emotions of fear and anxiety to coerce shoppers to hand over their personal information or funds in exchange for the item they ordered.
To verify the legitimacy of these scams, follow the tracking link you were provided upon purchase or shipping. Does it match the claim the email, phone call or text is making? You can always contact the business or shipping company directly to verify the legitimacy of the delivery notices.
Discounted Airline Tickets
Cybercriminals exploit inflated travel costs over the holidays by offering travelers discounted airfare prices through fake websites, deceptive advertising and phishing emails. These scams are motivated by financial gain; by either stealing money directly, or by harvesting your personal and financial information to be used in future scams or sold on the dark web. After booking your flight, the cybercriminal may contact you claiming that your flight has been cancelled and you need to pay a rebooking fee, or you may only learn of the scam at the airport when there’s no record of your booking. These scams use the social engineering tactic of scarcity and prey on the emotion of surprise.
There are a few ways that you can verify the legitimacy of your airline tickets. If you’re unsure about the legitimacy of the website you’re booking with, do more research and verify the URL. If you’re booking through a well-known airline, go directly through their website to purchase your ticket. Airlines also don’t tend to request more money after your initial purchase, so this is an indicator that your purchase may have been too good to be true. If you’re ever in doubt, contact the airline directly independently of any communications you may have received.
Survey and Giveaway Scams
Businesses use surveys to understand their customers and may offer a chance to win a giveaway in exchange for completing the survey. People enjoy giving their opinions, especially when a reward or discount is offered. Cybercriminals prey on this fact by crafting fake surveys imitating well-known businesses. These scams harvest someone’s personal information to be used in future attacks or sold on the dark web. They exploit emotions such as excitement, surprise and curiosity at the chance to win something.
There are a few ways you can verify the legitimacy of a survey. First, if it sounds too good to be true, it most likely is. Heavy promotion of the reward, or a reward that doesn’t match the business in question, can also indicate that the survey may not be legitimate. If you’re unsure, you can always contact the business directly.
Fraudulent Bank Activity
Many banks text or email their clients when they make a purchase or a withdrawal. Cybercriminals take advantage of this communication to trick people into believing their bank account has been compromised with phishing emails, text and phone calls claiming to be from the individual’s banking institution. These scams are crafted to steal your banking and personal information, which can be used to steal funds or your identity. Cybercriminals prey on emotions of fear and surprise in these scams.
As your spending trends increase over the holiday season, be sure to double check your transaction directly through your banking app. Avoid following links from text messages or emails if you’re unsure about the sender’s authenticity. Contact your bank independently of any communications you may have received if you suspect suspicious activity with your account.
Slow Down to Stay Cyber Safe
All the scams covered in this blog involve the social engineering tactic of urgency: where a cybercriminal tries to coerce someone to make a quick decision before fully thinking it through. To avoid making a decision you’ll regret, take a moment to slow down and consider what the cybercriminal is asking you to do. Is this how the business usually contacts you? Does this offer seem too good to be true? Slowing down to fully consider a request or offer will help keep you cyber safe this holiday season and year-round!