When internet fraudsters impersonate a business to trick you into giving out your personal information, it’s called phishing. Phishing is typically carried out by email spoofing or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Phishing email messages, websites and phone calls are designed to steal money. Cybercriminals can do this by installing malicious software on your computer or stealing personal information off your computer.
Above: this is an example of what a phishing scam in an email message might look like.
- Spelling and bad grammar
- Beware of links in email
- Spoofing popular websites or companies
Here are some holiday phishing scams to be on the outlook for:
1. Holiday Specials
Online scams use a variety of lures to get unsuspecting buyers to click on links or open attachments. These are generally hidden under the guise to promote a great deal. Sites that seem to have incredible discounts should be a red flag to your senses telling you to stay away. “Special offers” sent to you in an email this way are nearly always too good to be true. Don’t click on any of the links or open attachments in email received announcing that great deal. Open up a web browser and go directly to the company to see if that offer is legit.
2. Complimentary Vouchers or Gift Cards
A popular holiday scam is announcing big discounts on gift cards. Don’t fall for offers from retailers or social media posts that offer vouchers or gift cards paired with special promotions or contests. Develop a healthy dose of skepticism and “Think Before You Click” on offers or attachments with any gift cards or vouchers! You are much better off purchasing your gift cards directly with the retailer, either online directly through their website, or physically in person.
3. Bogus Shipping Notices From UPS and FedEx
During the holidays, there is inevitably an increase in emails supposedly sent from couriers such as UPS and FedEx indicating that your package has a problem and/or could not be delivered. A very large majority of these are phishing attacks that try to make you click on a link or open an attachment. Legitimate email from couriers will almost always include your tracking number. Call the courier if you have actually sent a package and confirm with the dispatcher on the status of your delivery. Do not open an attachment received from a courier. In almost every instance, the attachment contains malware or a Trojan waiting to infect your computer.
4. Holiday Refund Scams
These emails appear to come from retail chains or e-commerce companies such as Amazon or eBay claiming there’s a “wrong transaction” and prompt you to click the refund link. The links usually take you to a bogus site asking you to fill in your information (name, address, credit card, etc.). This is a phishing scam with the aim to perform identity theft to retrieve your info to turn around and sell the information. If you have made an legitimate purchase at this time, deal with the source and do not click on the link in the email.
5. Phishing on the Dark Side
A new phishing email has begun circulating that tricks people into thinking they could win movie tickets for the highly-anticipated film, “Star Wars: The Force Awakens,” due out on Dec. 18. However, the email is a phishing attack, again asking for you to part ways with your personal information.
Stay safe online during the holidays:
- Never use an insecure public Wi-Fi to shop with your credit card. Only shop with a secure connection at home;
- Guard your personal information. Don’t freely divulge your personal information to unknown or untrusted sources.