Many of us let our guard down during the holiday season, especially when we're online.
We like to think everyone is of good cheer this time of year. But they're not, and that's why you have to be more diligent than ever these weeks for online scams.
A video from a friend on Facebook? Sure. I'll click on that. A holiday greeting card? I'll click on that too.
Then there are the "Free $500 gift card" text messages to your smartphone. And the "shipment notification" that shows up in your email inbox for a package you never ordered.
Any of those could be among "The 12 Scams of Christmas," annual lists put together by internet security firms.
Here, then, are the top 2013 holiday season scams as reported this year by McAfee: (this list was provided by McAfee/Intel)
- Not-So-Merry Mobile Apps—Official-looking software for holiday shopping, including those that feature celebrity or company endorsements, could be malicious, designed to steal or send out your personal data. Criminals can redirect incoming calls and messages, offering them the chance to bypass two-step authentication systems where the second step involves sending a code to a mobile device.
- Holiday Mobile SMS Scams—Fake installer tricks Android users into thinking it is a legitimate installer for an application and then quickly takes advantage of the unrestricted access to smartphones, sending SMS messages to premium rate numbers without the user’s consent.
- Hot Holiday Gift Scams—Advertisements that offer deals on must-have items, such as PS4 or Xbox One, might be too good to be true. Clever crooks will post dangerous links, phony contests on social media sites, and send phishing emails to entice viewers to reveal personal information or download malware onto their devices.
- Seasonal Travel Scams—Phony travel deal links and notifications are common, as are hackers waiting to steal your identity upon arrival. When logging into an infected PC with an email username and password, scammers can install keylogging spyware, keycatching hardware, and more.
- Dangerous E-Seasons Greetings—Legitimate-looking e-cards wishing friends “Season’s Greetings” can cause unsuspecting users to download “Merry Malware” such as a Trojan or other virus after clicking a link or opening an attachment.
- Deceptive Online Games—Before your kids are glued to their newly downloaded games, be wary of the games’ sources. Many sites offering full-version downloads of Grand Theft Auto, for example, are often laden with malware, and integrated social media pages can expose gamers, too.
- Shipping Notifications Shams—Phony shipping notifications can appear to be from a mailing service alerting you to an update on your shipment, when in reality, they are scams carrying malware and other harmful software designed to infect your computer or device.
- Bogus Gift Cards—An easy go-to gift for the holidays, gift cards can be promoted via deceptive ads, especially on Facebook, Twitter, or other social sites, that claim to offer exclusive deals on gift cards or packages of cards and can lead consumers to purchase phony ones online.
- Holiday SMiShing—During the holidays, SMiShing is commonly seen in gift card messages, where scammers pose as banks or credit card companies asking you to confirm information for “security purposes”. Some even include the first few digits of your credit card number in the SMS message to fool you into a false sense of safety.
- Fake Charities—Donating to charities is common this time of year for many looking to help the less fortunate. However, cybercriminals capitalize on this generosity, especially during natural disaster events, and set up fake charity sites and pocket the donations.
- Romance Scams—With so many niche dating sites now available to Internet users, it can be difficult to know exactly who the person is behind the screen. Many messages sent from an online friend can include phishing scams, where the person accesses your personal information such as usernames, passwords, and credit card details.
- Phony E-Tailers—The convenience of online shopping does not go unnoticed by cyber scrooges. With so many people planning to shop online, scammers set up phony e-commerce sites to steal your money and personal data.
(List courtesy McAfee/Intel)
So be on guard during this holiday time, and as always, don't waste your money.
Don't Waste Your Money is a registered trademark of the EW Scripps Co.
Follow John on Twitter (@DWYM)