12 Scams of Christmas

Criminals are out and about in full force during the holidays. Here are 12 scams to watch out for in the holiday season.

Charitable phishing scams

  • Beware of e-mails posing as legitimate charities. They will take your money and credit card info and the charity will never get your money.
  • The e-mails asking for money may even have charity logos, like the Red Cross or Salvation Army.
  • To make sure that your charity of choice gets your donation, go directly to the charity’s website. The relevant donation page will be easy to find.
  • Also, beware of phone and door solicitors asking for charity donations. If you are unsure if they are legitimate, tell them that you don’t give money over the phone or at your doorstep, and then go directly to the source to give if you so wish.

Fake invoices from delivery services

    • This is sneaky business. You are sent an e-mail with a fake invoice or waybill attached. Then there are a few variations:

“The recipient may be asked to confirm or cancel an order, they may be told that the parcel service was unable to deliver a package due to having an incorrect address, or the recipient may receive a customs notification about an international package.”

  • In every case, the e-mail recipient is asked to give credit card info so that the account can be credited or to open the invoice or customs form so the package can be delivered.
  • This kind of scam works because people believe they are receiving e-mails from Fed Ex, Ups or US Customs. Instead, they are delivered a Trojan package or some other threat that can lead to identity theft or computer hackers.
  • To keep yourself safe, contact the company directly and never give out your credit card information via e-mail.

Social networking friend requests

  • Scammers send authentic looking friend request e-mails. But they aren’t friends at all, unless your friends want to infect your computer with malware.
  • So, don’t clink any links, go directly to the social network site to accept new friends.
  • You’ll also want to make sure that you have anti-virus software running on your computer.

Holiday e-cards

  • This is a great time of year for spammers to spread malware through e-cards. don’t open them if you don’t recognize the site the card is from.
  • The cards often contain malware, pop-ups and other unwanted advertising.
  • Some cards look like they come from legitimate companies like Hallmark, so make sure it is from someone you know.
  • Often, fake e-mails have misspelled words in the subject line, come from unknown senders or have odd URLs. So, when in doubt, don’t open it.
  • If you are sending e-cards, make sure you do so from a reputable site.

E-mail bank scams

  • Tracy Mooney (McAfee’s blogger) had this experience with bank scams.

“I received several emails telling me that my bank account was being tapped by an overseas IP address and that I should click on the link and log into my bank account or they would close my account. The funny thing was that I didn’t have an account with that bank!”

  • Moral of the story: Don’t trust e-mails sent from your bank asking you to log into your account through the e-mail. Either go to their site directly or call them if there seems to be an immediate problem.

Job search related scams

  • If you’re looking for work during Christmas, beware of scammers taking advantage of your eagerness to secure employment. Freelancers should be particularly cautious.

Fraud on auction sites

  • Everyone loves a good deal. But is it too good to be true? If it seems to good to be true it probably is.
  • If the price seems really too good, has a very short sale time and the same picture can be found on multiple auction sites it is probably a scam.
  • Also, most auction sites have security and safety tips. Here’s Ebay’s.
  • Check sellers’ reviews, they are there to help customers.

Password stealing scams

“According to a holiday shopping study that McAfee had done, 53% of consumers use the same password for multiple websites and online services.”

  • Password hacking is easy and sometimes silent.
  • Make sure you are using firewalls, secure networks, anti-virus and anti-spyware software.
  • Also, make sure that your computer runs updates regularly.
  • Consider using a password manager to choose a different password for each account. Using the same password for every account is a recipe for disaster.

Holiday media scams

  • A study by McAfee found that 49% of people did or would open a holiday-themed e-mail. This is a scammer’s dream!
  • Don’t open an e-mail unless you know who it is from. Don’t open attachments unless you know who they’re from. Just because the e-mail says it is some cute or touching holiday form of media doesn’t mean it is safe. Be smart and keep yourself safe this holiday season.
  • Red flag raisers: attachments in the form of PowerPoint presentations, vague holiday-related subjects, misspelled words, or odd-looking URLs.
  • Examples of headlines scammers use to get you to open their e-mails are things like “happy 2024” “happy 2024 to you “new hope and new beginning.”

Practice safe holiday online shopping

  • Use secure networks when doing online shopping.
  • Don’t use your credit card or banking website when using public open wi-fi and unsecure networks. Attackers can set up their own network near hotspots and you may end up connected to it. If you do then the attacker can see everything you do and even direct your computer to sites you may not want to go. For this reason, only access your bank account and use your credit card on a computer that you know is on a secure network. If you go online at a coffee shop or other wi-fi hotspot, make sure your anti-virus software and firewall are up to date and running.
  • If you really must use free or unsecure wi-fi, use a VPN to encrypt your connection. We recommend NordVPN as it automatically protects your connection when your device joins a wi-fi network.
  • Trust the site that you are making purchases from. When entering your credit card information there should be a closed lock in the address bar and there should be an ‘s’ after ‘http’ in the address bar – as in ‘https’. The ‘s’ is for secure.

Holiday terms search scams

  • What could be more festive than having a holiday screen saver and desktop? It won’t be so jolly if you end up with a malware-infected computer instead.
  • When visiting new sites in search of one-off products or services – like the aforementioned festive screensaver – make sure that you trust the site before downloading anything. Read our guide on how to identify secure sites if you’re unsure what to look for.

Laptop Theft

  • People get desperate during the holidays. The FBI says that 1 in 10 laptops are stolen and only 3% are ever recovered.
  • Make sure that you keep your laptop close by at all times. Don’t leave it visible in the car if you have to leave it in the car. The same goes for any other portable devices.
  • You should also back up your files. The easiest way to do this is with a cloud provider such as Backblaze.

Bottom Line

Scammers and criminals are out in full force during the holidays. It is important now, just as always, to use caution when accessing the internet. If you are uncertain if a website or e-mail is safe then leave it be. It is better to be safe than sorry. Also, make sure that your anti-virus software is up and running and that your computer runs updates automatically.