By Rob Foxx
Welcome to the 2022 holiday season. What should be a time of joy and celebration for all, can turn into a time of stress and panic for some. Scams come in many forms most seemingly innocent. That’s what makes them so difficult to avoid. Some scams are more sophisticated than others. Knowing these scams and how they work, will help you defend yourself and your loved ones this holiday season.
Since Amazon is now a household name it has been a target for people looking to get a quick score. The most common and least sophisticated scams that has become very popular over the holidays is porch pirates. These are people who either follow Amazon deliveries or just drive around looking for unattended packages.
While we are on the topic of deliveries, you need travel no further than your email inbox or a text message on your cell phone letting you know you missed a package. All you need to do is go to a website and verify your information. These websites may even look like a legitimate delivery company. It’s not uncommon to order so many deliveries that you can’t remember them all. Bad actors are counting on this and hope to get your information using this method. Instead of a website they may offer a customer service number with a very professional sounding person. This person will gather your data over the phone potentially including your credit card information.
Have you ever gotten an email or seen a link on a webpage for a coupon or a discount that is too good to believe? Be careful - this can also lead to a very common scam that requires you to download coupon software or enter your personal information to receive the listed deal. After complying it is very common to get a message saying the deal has expired, been claimed, or even be directed to an error page online. The coupon software could add malware to your computer. Any information you give out like this could be used immediately or it could be saved and to be used on you later after you let your guard down.
Alternatively, finding a deal online that’s too good to be true often is. New products for the season that are hard to come by, but inexplicably available, at or under a price you could expect. You may find products ordered from untrusted sellers are not as advertised, have significant delays, or are flat out taking your money and never delivering.
Gift card scams are as old as the practice of having gift cards. Historically selling expired or used gift cards was one of the holiday scams of choice and still is. Once you have parted from your cash the person who sold it to you at face value or under face value to offer a deal is gone so fast you would not have even had time to question it.
Another popular scam is sending emails that appear to be from someone you know requesting that you get gift cards. The codes from the gift card are to be send in an email. These are alleged to be used for a gift to a family member, charity, workplace, or other organization. These requests can come from a compromised email or an email account that looks like it came from someone you are familiar with.
Its always fun to receive a holiday card from friends and family. Today you may get these as ecards. While the person who sent them may have no ill intention, the website or service they sent them from can have an unwanted passenger attached in the form of malware.
Thanksgiving and Christmas are prime times to travel and bad actors know this. Websites or even items received through the mail could lead to dealing with people who will accept payment. They will even give you seemingly legitimate vouchers or tickets, only to find out they were fake.
The saddest of scams that occur are those targeting people who are looking to give to charity. It can be anything from people going door to door, to information coming through the mail or email. Always make donations directly to the organization that you wish to give to. Please use a method of payment that can be verified and tracked, such as a check.
There are a few ways to protect yourself from falling victim to these scams:
- Always check credit cards, bank statements, and other payment accounts frequently.
- Only buy from reputable sellers or companies.
- If you have orders arriving, check tracking information when provided.
- If it is something you’re not expecting, follow up with the sender using a different method then they used to contact you, such as a phone call or in person conversation.
- While not related to any of the stated scams never post vacation plans or photos online till you have returned from your travels.
- Verify the business or charity that you are giving money to.
What to do if you suspect you have been scammed:
- Report the incident to local law enforcement
- Alert your financial institutions
- File a complaint with the FBI
- Report the scam to the FTC
Once you have protected yourself this holiday season keep in mind tax refund scams are right around the corner. Never give tax information to anyone but a trusted tax professional. Always remember the IRS will not email or contact you over phone demanding immediate payment.
Foxx is director – InfoSec and IT audit services at FIPCO