TIS
the season… to be scammed by online scammers who are out to steal your holiday
cheer. Every year as online commerce
grows, so do online scams. Today’s
cybercriminals are going to try to entice you into giving them your hard earned
cash through a number of ever more imaginative scams. In today’s blog, I will endeavor to give you
a leg up on the top 12 ways to avoid getting Grinched this holiday season.
Grinch #1: Offers That
are Too Good to be True
iPads for
only $50. Laptops for $100. While supplies last. We’ve all seen these offers online. Hot ticket products for way less than
retail. Offers that sound too good to be
true, right? That’s because they
are. For every etailer that sells
legitimate items, there are thousands of cybercriminals who are out to rip you
off. And why not, since it takes only a
few hours to create a website that is capable of processing orders. That doesn’t mean that there aren’t
legitimate online businesses that sell items below wholesale. If you want to get the lowdown on how low
prices can go, then you need to scope out eBay and Amazon to determine a
realistic price for any item you intend to buy.
If an etailer is offering a price below what can be found on major
discount portals, odds are you are being set up for a scam.
Another
thing, even if the offer seems to originate from a major retailer, that doesn’t
mean you can’t be duped. Scammers can
create a clone of a legitimate site that is used to grab your credit card information. I was almost duped by a clone of the Go daddy
site recently, when I received an email telling me that my hosting would be
terminated if I did not respond. The
only thing that saved me from getting burned was picking up the phone and
calling Go daddy. Only then did I learn
that this was a phishing scam.
Bottom
line, if you are unsure of the validity of an offer or inquiry, the best course
is not to reply online, but to call the party in question.
Grinch #2: Your
Shipment is Stuck in Transit
This
online scam picks up where Grinch #1 left off.
In this con game, you will receive an email informing you that your
shipment is stuck in transit. Clicking
on the link will bring you to a convincing clone of a major shipping site, such
as FedEx, UPS or USPS. You will then be
asked to provide a nominal payment to insure delivery. Don’t you believe it. The only thing that will happen is that your
credit card information will be sold to the highest bidders. Just as with the Offer Too Good to be True scam,
this flim-flam relies on your willingness to do business online with what seems
to be a recognizable company. As with
Grinch #1, when it doubt sort it out by calling the shipper.
Grinch #3: Fake
Charities
In
this season of giving, you want to make sure that any charitable contribution
is going to a legitimate charity. One of
the most profitable scams online today is to either set up a bogus charity, or
clone the website of a legitimate charity only to solicit contributions that
wind up in the scammers pocket. So
prevalent has this kind of online scam become that the Attorney General in
every state in the union has set aside a portion of their website to report on
online charity fraud.
Courtesy of |
Grinch #4: You Could Be
a Winner!
Unlike
the first three Grinch’s who are interested in acquiring your credit card
number, fake contests and surveys are more interested in glomming your personal
information. With enough info, these
scammers don’t need your credit card number.
They will be able to acquire new credit cards, generate a refund from
the IRS, or even take out a loan in your name.
Grinch #5: Free Games
Who
doesn’t like something for nothing?
Freeware has been around since the birth of the Internet. The problem is that today, for every
legitimate freeware or shareware offer, there are a hundred malicious sites
that will either rifle your personal information, deliver malware as soon as
you download the software, or hijack your computer outright. While the con extends to software of all
stripes, free-to-play (F2P) games are particularly insidious, since they target
youngsters who may or may not have their own devices. If your child uses your laptop, tablet or
smartphone to entertain themselves, it could be you who winds up having a game
run on them. Not only can spyware or malware
be part and parcel of any F2P game download, but most companies that produce
them only offer a small portion of the game to be played for free. Then they entice the player to take the game
to the next level (or eliminate incredibly intrusive advertising), which costs
real money. Some parents have been
shocked to find charges for hundreds of dollars on their credit cards that were
created when their kids played supposedly free games on their devices. More
info is available at the
gameindustry.com gamer-blog.
Grinch #6: Gift Card &
Coupon Scams
According
to the National Retail Federation, gift cards have been the most requested
holiday gift for nearly the past decade.
This year alone, American consumers are expected to spend $26 billion on
gift cards alone. Needless to say,
cybercriminals have their greedy little hands in the cookie jar.
Courtesy of |
While
there are many legitimate sites that sell gift cards, it should come as no
surprise that bogus sites selling cards that are virtually worthless. Don’t be fooled by come on ads that promise
discounted cards. Also, be aware that
cards purchased at major retailers can be set to rip you off if you grab them
from the rack.
Here
is something I
learned on Yahoo Finance: “A
lot of stores make it easy for you to buy gift cards. They have giant racks
containing dozens of cards in their center aisle or near the registers.
Unfortunately, they are also making it easy for thieves to steal from you. Most
cards today have a scratch-off area on the back that contains a PIN or other
number needed to redeem the card. Thieves scratch it off, write down the number
and then call the toll-free number regularly while waiting for the card to be
purchased and activated. Once it is, they drain the card’s balance. Protect
yourself by double-checking the back of the card for any signs of tampering
before buying.”
You
also need to be leery about accepting online coupons, refunds or rebates,
especially if you receive word of them via email or text message. Phishing can take many forms and it’s up to
you to throw these phish back.
Grinch #7: Free Wi-Fi
Can Cost You BIG
Another
way for cyber thieves to reel you in is via in-store Wi-Fi networks. If you are one of those people who likes to
prowl stores with smartphone in hand, using your device to comparison shop, you
need to know that if your data connection is blocked inside a big box store,
using the store’s Wi-Fi is one of the quickest way for thieves to compromise
your phone’s security.
"People may want to log on to their Best Buy or Amazon
accounts to check prices, but open Wi-Fi is probably the least secure place to
do that," says
Michael Kaiser, executive director of the National Cyber Security Alliance. “If you're tech-savvy enough to use VPN
software — short for "virtual private network," a technique for
shutting would-be eavesdroppers out of your connection — on your phone, then
free Wi-Fi is safe so long as you have the VPN on. For most people, though,
it's simply best to stick to your cellular connection.”
Grinch #8: Phishing
Scams Looking to Reel You In
Courtesy of |
The
holiday shopping season is like open season for phishing scams. Virtually every offer that you receive via
email and/or text message during the period leading up to the New Year has to
be taken with a grain of salt. Even
notices purportedly coming from a friend who informs you, “You should see the
deal I just got on a new XYX product” should be regarded with suspicion. More importantly, never ever click on the
link that comes at the end of the message.
Nine times out of ten, your friend’s email was compromised and the link
leads to Malware Central. If you receive
a message with a link, always call your friend or family member to ask them if
they sent the message. If they reply
“No”, then you need to tell them that their email has been hacked. This means they need to call their email
provider and they need to send out an email to everyone they know telling them
NOT to click on any links sent from the compromised account.
Grinch #9: Ecards with a Side of Malware
Electronic
greeting cards, otherwise known as ecards are another popular item during the
holidays. Unlike traditional greeting
cards, ecards use audio or even animation to entertain the recipient. Moreover, they are easier and cheaper to send
out to family and friends since they don’t require you to purchase stamps to
send them on their way. While legitimate
purveyors of ecards such as JibJab.com
abound, you need to be aware of the fact that cybercriminals have jumped on the
ecard bandwagon.
This
isn’t so much of a problem when it comes to sending ecards. The danger lies in ecards sent your way. A recent post on scambusters.org points
out that:
“A legitimate-looking
ecard, once clicked or downloaded might actually contain spyware, spam or a
computer virus. Your computer may then
start displaying obscene images, barrage you with pop-up ads, launch adult
websites, or start sending bogus ecards to those in your address book that
appear to come from you”.
Talk
about putting a damper on your friend’s holiday cheer!
Courtesy of |
Grinch #10: Are Your Credit
Cards Naughty or Nice
If
you do make purchases online, you need to keep a weather eye on your credit
card statement. This is easy enough to
do online. The reason you should keep an
eye on your account activity is due to the fact that if your card information
is compromised, suddenly you could find hundreds or even thousands of dollars
in bogus purchases being made without your knowledge. If you use a debit card to make purchases and
thieves gain access to it, then it could be game, set and match for your bank
account. My advice is that you should
never use your debit card to make holiday purchases, and for goodness sake
spend a few dollars to purchase theft protection, such as that offered by
companies like LifeLock. Your wallet will thank you.
Grinch #11: Work at Home Scams Designed to Work You Over
Everyone
knows that during the holiday season businesses large and small are looking for
extra help. Criminals use the lure of
making a little extra money work for them like Santa’s elves by phishing for
people via work at home scams. These
cons start at the recruitment by dangling a position, then requiring the
applicant to provide everything from a resume to social security number, all of
which can be sold on the dark web. Then
to cap it off, the applicant is offered a position, at which time they are asked
to provide their bank account number.
(You want to get PAID, don’t you?)
To cap it off, now that you’ve given crooks the keys to the vault, many
of them will then require the hiree to accept an initial deposit, part of which
they are then told to transfer to another account. The FBI’s own site reports
that this scam is routinely used to dupe college students, who are in essence
committing a crime themselves.
“The funds
the student receives and is directed elsewhere have been stolen by cyber criminals.
Participating in the scam is a crime and could lead to the student’s bank
account being closed due to fraudulent activity or federal charges.”
If
it weren’t bad enough that criminal elements are targeting everyone from us to
our kids during the holiday season, it’s now likely that even our appliances
can be turned into unwitting accomplices.
In this web-enabled world of ours, everything from our Smart TV, to
refrigerators, security systems, nannycams, home healthcare devices, home Wi-Fi
networks, and a host of other appliances and wearables that fall under the
Internet of Things (IoT), are now vulnerable to cyberattack. Once penetrated, these devices can give a
hacker access to other devices and networks in your home and/or office. This can then lead to everything from rifling
your personal or medical information, to email spam attacks, denial of service
attacks, access to cameras in your home and/or office, which could then lead to
cyber blackmail.
Don’t
think it can happen to you? Think
again. Many IoT devices have little or
no cybersecurity, or they have default passwords that even a child can crack. So pervasive has cyber blackmail become that
a number of law enforcement agencies were advised by the FBI to pay the crooks
when their servers were breached, encrypted and shut down. Here’s what the FBI advises
you to do with your IoT devices.
Consumer Protection and Defense Recommendations
Courtesy of |
- Isolate
IoT devices on their own protected networks;
- Disable
UPnP on routers;
- Consider
whether IoT devices are ideal for their intended purpose;
- Purchase
IoT devices from manufacturers with a track record of providing secure
devices;
- When
available, update IoT devices with security patches;
- Consumers
should be aware of the capabilities of the devices and appliances
installed in their homes and businesses. If a device comes with a default
password or an open Wi-Fi connection, consumers should change the password
and only allow it operate on a home network with a secured Wi-Fi router;
- Use
current best practices when connecting IoT devices to wireless networks,
and when connecting remotely to an IoT device;
- Patients
should be informed about the capabilities of any medical devices
prescribed for at-home use. If the device is capable of remote operation
or transmission of data, it could be a target for a malicious actor;
- Ensure
all default passwords are changed to strong passwords. Do not use the
default password determined by the device manufacturer. Many default
passwords can be easily located on the Internet. Do not use common words
and simple phrases or passwords containing easily obtainable personal
information, such as important dates or names of children or pets. If the
device does not allow the capability to change the access password, ensure
the device providing wireless Internet service has a strong password and
uses strong encryption.
In
2014 alone, American consumers lost more than $800 million dollars to online
scams. That figure is expected to rise
during this shopping season. If you don’t want the Cyber Grinch to ruin your
holiday, you need to make sure that everyone in your family is fully prepared
to deal with the 12 ways your holiday can be hijacked.
In this article I have discussed 12
Grinchly scams that are perpetrated on the cyber shopping public every year,
especially during the holidays. This article further provides details on how
the scams trick consumers into taking the bait and how to avoid these scam so
your holiday won’t be ruined. It also provides 9 Consumer
Protection and Defense Recommendations.
Get your free copy |
If you
found this article useful please share it with your friends, family and
co-workers. If you would like to learn more about this subject, visit the notes
page on this blog for the BlogTalkRadio
show dated 12/1/15. I recommend checking out "The endless
Scams of Christmas (and Beyond)“, “The Byte Before
Christmas”, and
“The Hack Attack
is Back”. You can also search for other related articles by typing
in “Scams” or “Hacking” in the search box top of this blog.
If you feel your business could use some help with its marketing, contact us at 904-410-2091,We will provide a free marketing analysis to help you get better results. If you'd
like a free copy of our eBook, "Internet Marketing Tips for the 21st
Century," please fill in the form below and we will give you immediate
access to it. Your information is always kept private and is never sold. Don't forget to Plus us on Google+.
Carl
Weiss is president of WorkingtheWebtoWin.com a
digital marketing agency in Jacksonville, Florida that routinely works with
bloggers and other online marketers to grow their businesses.
Related articles
Hello! I just would like to give a huge thumbs up for the great info you have here on this post. I will be coming back to your blog for more soon. diablo incense
ReplyDeleteHello! I just would like to give a huge thumbs up for the great info you have here on this post. I will be coming back to your blog for more soon. diablo incense
ReplyDeleteI enjoyed reading every little bit of your blog. Please keep up the good work. It was so interesting! Thanks for sharing.
ReplyDeleteBuy Herbal Incense Online