The Endless Scams of Christmas (and beyond)

Courtesy of www.1a20.com

By Carl Weiss

You may have heard of the 12 Days of Christmas, but what you probably haven't heard of are the Endless Scams of Christmas. In their efforts to "liven up" the holidays, cybercriminals this year are going to act like the Grinch in their efforts to ruin your holiday spirits. So in this season of giving I though it only appropriate to give all of our loyal readers the lowdown on the top 12 cyberscams that you can expect to see this upcoming yule.

On the First Day of Christmas my true love said to me, you won’t believe what I found under the tree.

Santa has nothing to do with the multitude of offers, you will find online this shopping season that are too good to be true.   A recent blog on Democrat and Chronicle quoted attorney Eric Schneiderman as saying,

“As the holiday shopping season kicks off and more consumers plan to shop online, there are simple steps you can take to avoid scams and protect your personal data. Consumers should know how to spot fake websites and deals that are too good to be true.”  Schneiderman warned that when shopping online, consumers should only use secure Internet connections and only process online payments on web pages that are HTTPS verified to protect themselves against fraudulent companies.” http://www.democratandchronicle.com/story/news/politics/blogs/vote-up/2014/12/01/shopping-on-cyber-monday-heres-some-tips/19732935/

This is good advice.  But the first warning sign of an impending cybercon should be prices for merchandise way below retail or wholesale levels.  You also need to make doubly sure that the website you thought you were clicking onto is indeed the one you arrived at.  Cyber criminals are amazingly good at creating knockoff websites that look just like the real deal.  The only difference would be a subtle spelling difference in the URL.  So be warned and be safe.

On the Second Day of Christmas my true love said to me, look what I won honey!

Courtesy of www.bumperstickerz.comC

A variation of the offers-too-good-to-be-true would have to be contests that notify you that “You Have Won!”  First of all, if you are unfamiliar with said “contest” do not accept the email, much less click on the link.  If you do, you are going to be asked for additional personal information “needed” to send you your prize, or you might also be asked for a credit card number to “cover shipping.”  They don’t call them Con Tests for nothing folks.  Give the Grinch the boot.

“Consumers should be suspicious of any email, messages, or posts on social networks promoting giveaways or contests that seem too good to be true, e.g., free high-value gift cards, tablets, and smartphones. These “contests” are often scams designed to bilk consumers out of money and/or to collect consumers’ personal information for resale. Genuine sweepstakes and contests are commonplace on the Internet; however, you should avoid any contest or promotion that requires you to pay money or to perform any sort of financial transaction. Also, think twice before participating in promotions that require entrants to register with multiple third-party websites; often these are ploys to build marketing lists. Promotions that require users to provide more than simple contact information may even be phony or run by scammers who resell consumer information to collect referral fees!”

On the Third Day of Christmas my true love said to me, let’s help this charity!

Courtesy of www.jsonline.com

While giving to a legitimate charity is a noble act, you need to be extra careful to whom you donate your hard-earned money.  Fake charities are a real menace to consumers and business owners alike.  Before you donate, make sure you navigate your way to a legitimate charity.  A blog by Credit.com titled “4 Ways to Avoid Charity Scams” advises,

“It’s so easy to click on a link in your email, break out your wallet for a sympathetic caller or open a site from Facebook — but resist the impulse. When you decide to donate, go directly to the website of the organization to whom you want to give your money, rather than taking a shortcut. Not only could your dollars never reach their destination, you could end up downloading malware or leaving yourself open to identity theft.”

On the Fourth Day of Christmas my true love said to me, look what a little birdie told me.

Courtesy of www.wm.edu

As I have pointed out in many other blogs, always be doubly suspicious of email that was supposedly sent to you by a friend or family member that simply contains a line and a link along the following lines, “You need to check this out!”  The only thing you’re likely to check out next is the local PC Doctor to help you eliminate the malware you just unleashed on your system.  Even worse, some of the latest hacking software can even robotize your system, not to mention rifle it for any contact emails for your family and friends.  How do you think they got your address in the first place?

On the Fifth Day of Christmas my true love said to me, check out my new USB.

Courtesy of thecoolgadgets.com

Other than clicking on ads or email links, the quickest way to infect your system is to plug in a Free USB.  If you will recall, this is how Iran’s nuclear program was infected with the Stuxnet virus.  One of their personnel inadvertently picked up a USB and plugged it into a terminal.  So if you should be sitting in a coffee shop or copy center and see a USB lying around on a table unattended, DO NOT TOUCH IT.  You will thank me later.

On the Sixth Day of Christmas my true love said to me, let’s grab some coffee.

Speaking of coffee, you also need to be very wary of using public Wi-Fi these days.  As

Courtesy of gamesandsoftwareapp.blogspot.com

of late everything from coffee shops to airport terminals and hotel public Wi-Fi systems have been targeted by hackers in order to gain access to unsuspecting victims.  There was even a report of a number of hotels in Japan that were infected with an insidious malware subroutine that were designed to target specific high-value executives in order to aid and abet corporate espionage.  Personally, I never connect to public Wi-Fi.  I use my cellphone to launch a Wi-Fi hotspot. If you do insist on using public Wi-Fi then you should have at least three layers of anti-virus and anti-malware to protect you from unwanted intrusion.  Because your real wake up call might not be that double mocha latte after all.

On the Seventh Day of Christmas my true love said to me, let’s get some money.

Courtesy of knco.com

Here’s the rub, it isn’t just your personal electronics that can be hacked.  So can everything from ATM machines to gas pumps.  Cybercriminals use credit card skimmers that are designed to grab your credit card information or your pin numbers.  Thieves have also been known to install their own cameras in order to record your PIN.  So make sure you cover the keypad with your hand before entering any PIN.

On the Eighth Day of Christmas my true love said to me, I got a call from somebody.

Courtesy of www.nbcrightnow.com

Thieves are also not averse to getting on the phone, impersonating a lender, credit card Company, or even the IRS in order to try to pressure you into divulging personal information.  While breaches of major retailers involving tens of millions of stolen cards have and will continue to take place, when in doubt you should call the number of the bank or the number on the back of your credit card to make absolutely sure you are not being conned.

On the Ninth Day of Christmas my true love said to me, our package is in jeopardy.

www.itsadisaster.org

Here’s another newsflash: The US Postal Service, UPS, Fedex and other legitimate shipping companies will not send you an email if a package is hung up in transit.  But cyber thieves will send you an email that links to a clone of the shipper’s site in order to fleece you.  Again, when in doubt, call the company directly.  Do not click on a poisoned link.  And never, EVER divulge personal or financial information unless you know to whom you are emailing or speaking. 

Courtesy of www.billbaileytravelclub.info

On the Tenth Day of Christmas my true love said to me, have you ever been to Bimini?

Along with bogus product come-ons are travel deals that offer to Save You Big $$ on last-minute trips.  While there are a number of legitimate travel purveyors that specialize in last-minute trips, they will not solicit you via spam email.  You are required to opt-in and register with them.  The last thing you want to do is schedule a trip that takes you nowhere but to the cleaners.  Travelers Beware.

On the Eleventh Day of Christmas my true love said to me, look at the card we got from Sonny.

Courtesy of www.techjaws.com

Digital e-cards are sure to bring a smile to your face unless they are not from the person you thought they were.  While you might be thinking season’s greetings, cyber thieves are into season’s greetings by hoping to get you to click on a fake link that instead of bringing a twinkle to your eye will instead give you a case of merry Malware.  Again, never click on a link unless you are sure that it is from a legitimate e-card company like jibjab.com.  (Also make sure you mouse over the link in order to detect if the URL on the card or email is the one you are going to be taken to.  If you mouse over the link and the URL that is displayed at the bottom of your browser does not match up with the link on the email, don’t go there or you will soon have a case of the Ho-ho-holiday blues.)

On the Twelfth Day of Christmas my true love said to me, let’s try this free app honey.

Courtesy of freephonelink.net

As they say, there’s no such thing as a free lunch.  And when it comes to free apps, user beware.  Many of them are designed by and for cyber thieves.  Like a vampire, these Denizens of the dark hope to get invited into your private space so they can put the bite on you.  Before loading any app you need to check them out in advance.  Google their reviews and use protected sites such as google play, or iTunes or tucows.com since these sites vet their apps to make sure they aren’t carrying any unwanted gifts.

The Holidays can bring many gifts to you and yours, but remember to check your stocking twice and keep your anti-virus and malware software up to date, ready to block as many unwanted presents as possible.

In this article I have provided my own list of the 12 Scams of Christmas. Although my list is far from comprehensive, it does contain this year’s top holiday scams. You can find more than a dozen articles about scams and fraud on our blog site by entering “scams” or “security” in the search box, at the top of this blog. I also recommend reading the “Byte before Christmas” and the “Hack Attack is Back”, just to name a few.

If you found this article useful, share it with your friends, families and co-works. If you have a comment related to this article, leave it in the comment sections below.  If you would like a free copy of our book, "Internet Marketing Tips for the 21st Century", fill out the form below. 

Thanks for sharing your time with me.





When Carl isn’t singing Christmas carols, he can be heard every Tuesday at 4 p.m. Eastern on Blog Talk Radio with his weekly "Working the Web to Win" radio show.

Related articles

• Scams: Don't let Grinch ruin your holidays
• Bronx tax preparer pleads guilty to fraud charges
• Big Mac Attack
• Shopping on Cyber Monday? Here's some tips
• Beware of Holiday Scams
• Holiday Scams Video
• NYC Official: You Better Watch Out For Scams While Shopping For The Holidays
• Shopping on Cyber Monday? Here's some tips
• Some tips from the AG if you're shopping online Monday
• Top 5 Holiday Scams And How To Avoid Them