Retailers look forward to the holiday-shopping season all year -- and so do cyberthieves. As consumers head online to track down the hottest gifts, make travel arrangements and contribute to their favorite causes, thieves do their best to separate them from their money. Here are this year's Top 12 scams.
Retailers anxiously await the traditional holiday-shopping season all year -- and so do cyberthieves. As consumers head online to hunt for deals, track down the hottest gifts, make their holiday travel arrangements and contribute to their favorite causes, thieves do their best to separate consumers from their hard-earned cash.
McAfee Inc., the security technology giant based in Santa Clara, Calif., says of the biggest lures cybercriminals are using this year is the Apple iPad. It’s the “it” gift this season, and the lure of obtaining one at a deep discount -- or even for free -- is enough to trick consumers into giving out sensitive financial information.
“Scams continue to be big business for cybercriminals who have their sights set on capitalizing on open hearts and wallets this holiday season,” said Dave Marcus, director of security research for McAfee Labs. “It’s important to recognize common scams to safeguard against theft during the busy season ahead.”
So protect yourself from online deception and fraud by avoiding McAfee’s “12 Scams of Christmas.”
1. iPad Offers.
Offers for free or deeply discounted Apple iPads abound this year. McAfee Labs found that in one emailed version of the scam, consumers are asked to purchase other products and provide their credit-card number in order to get a free iPad. “Victims never receive the iPad or the other items, just the headache of reporting a stolen credit card number,” McAfee says.
Another version of the scam appears on social networking websites. Victims are asked to take a quiz to win a free iPad, and provide a cell phone number to receive the results. By doing so, consumers unwittingly sign themselves up for a cellphone service that costs $10 a week, according to McAfee.
2. “Help! I’ve Been Robbed!”
With so many friends and family traveling during the holiday season, it’s easy to convince potential victims that their loves ones could be in distress while away from home. The latest online travel scam plays on victims’ emotions by sending a phony distress message to everyone on their social media websites’ “friends” list, requesting that money be wired or transferred so that they can get home, according to McAfee. It predict that we’ll be seeing more of these types of scams as the busy travel season heats up. Most messages such as these are likely to be bogus, but if you do receive one, contact the person directly to verify the message is legitimate before offering any assistance.
3. Fake Gift Cards.
By now, it should be apparent that any offer of a “free gift card” is likely to come with some expensive strings attached, but these days brazen crooks aren’t even bothering to sign victims up for costly subscription accounts or urging them to buy other products or services to obtain the gifts cards. Instead, they simply steal consumers’ sensitive financial information and sell it to identity theft rings. For example, McAfee says, a recent Facebook scam offered a “free $1,000 Best Buy gift card” to the first 20,000 people who signed up for a Best Buy fan page. (The fan page turned out to be fake.) To get the “free” gift card, victims were asked to provide sensitive financial information and then take a series of quizzes designed to glean even more private information that could be used against them by identity thieves. Remember the adage: “If it sounds too good to be true, it probably is.”
4. Holiday Work-From-Home Scams.
Another cruel scam looks to take advantage of the current economic environment. With so many long-time unemployed Americans looking for work to make extra cash this time of year, criminals have taken the “work-from-home” scams to another level. Posts made on social-networking websites such as Twitter attract victims with claims of high-paying, work-at-home jobs are actually just another rouse to trick them into giving up sensitive personal information, such as email address, home address and Social Security number, according to McAfee.
By now, you’ve probably heard of “phishing” emails scams, where thieves send messages designed to look like the come from legitimate financial-services companies or retailers with which you have an account. The emails include links that send you to websites that look just like legitimate company sites, and ask that you provide your user name and password. That information is then stolen and used to access your account.
This year, the new scam buzzword is “smishing” -- or sending phishing SMS texts. The scam texts appear to come from your bank or an online retailer saying that there is something wrong with an account, McAfee says. Victims are asked to call a number to verify your sensitive account information.
Bottom line: Never click on a link via an email or social-networking site that requires a user name, password or any other personal information, to access an account. Instead, type the main website address into your browser yourself and access your account securely, or call the customer-service phone to verify that nothing is amiss with your account.
6. Suspicious Holiday Rentals.
Travel ads promoting rock-bottom holiday rentals should always be approached with a skeptical eye during one of the most expensive times to travel during the year. Criminals often use fake holiday rental sites that ask for down payments on properties by credit card or wire transfer, McAfee says. This can be particularly true for websites advertising vacation rentals overseas. To avoid being taken, use travel websites such as TripAdvisor to compare rental rates at a number of legitimate reservation companies.
7. Recession Scams.
Pay-in-advance credit schemes are another scam aimed at those suffering economic hardship. McAfee says it’s seen a jump in the number of spam emails advertising prequalified, low-interest loans and pay-in-advance credit cards that charge a fat-one time processing fee. Of course, the “fee” is pocketed by the thief, who quickly disappears, and the card or loan never materializes.
8. “Free” E-Cards.
Young people are increasingly using electronic cards to send greetings -- it’s an easy, convenient and earth-friendly way to reach out to the people you love without spending a lot of time and expensive writing out cards. Though some might balk at the impersonal nature of a sending or receiving holiday e-cards, a larger danger lurks. Criminals set up fake e-Card sites that have links embedded with computer viruses, keystroke tracking programs, and other malware, McAfee says. After opening the card, users’ computers may start displaying obscene images, pop-up ads, or even start sending cards to contacts that appear to come from you, the company says. Without sounding like a Scrooge, your safest bet is to avoid opening holiday e-cards, particularly if it’s from someone whose name you don’t recognize, or the subject line has spelling errors, according to consumer watchdog Scambusters.org. If you choose to send e-cards, make sure you stick with legitimate companies.
9. Low Price Traps.
It used to be that shoppers who saw deeply discounted prices advertised had to worry about the old “bait-and-switch” traps -- retailers who use rock-bottom prices to lure to shoppers into the store so that salesclerks could convince them to buy more expensive merchandise. Today, the trap is more like “bait-and-run”: Criminals advertise products online far below competitors prices on auction sites such as eBay or fake websites set up to look like legitimate retail sites, McAfee says. In addition to unusually low prices, some also offer the holy grail of holiday shopping: free shipping. But when victims make a purchase, their personal information and their money is stolen and the thief disappears, only to set up shop under a different bogus name elsewhere.
If you see a product at deeply discounted prices, check the websites’ seller reviews to see if there have been any complaints. Avoid retailers who just set up business and check contact information on the company’s website before making purchase. Once again, if it sounds too good to be true …
10. Charity Scams.
In addition to the customary shopping binge, the holiday season also sees the traditional surge in charitable giving. As a result, this is the time of year you’re most likely to get hit with a charity scam. Common charity schemes include phone calls, spam e-mails asking you to donate to veterans’ charities, children's causes and relief funds for the latest catastrophe, McAfee says. If you’re asked by a friend or loved one to donate to a cause via social networking, take a moment before you donate to contact that person to ensure that the request isn’t a scam.
11. Dangerous Holiday Downloads.
This is the time of year people flock to the web to download free screensavers, jingles, animations, desktop themes, ringtones, apps and other holiday-themed accessories for their computers, cellphones and other electronic devices. Unfortunately, this is a quick and easy way for scammers to spread dangerous viruses, computer hacking and spyware programs, and other electronic threats. Your safest bet is to stick with offers of free downloads from companies with which you already do business, such as your electronic device manufacturer and Internet service provider.
12. Hotel and Airport Wi-Fi.
During this peak holiday travel season, many consumers will be accessing the Internet through free wi-fi in hotels, airports and coffee shops. Before you connect through a wireless network, make sure it’s one you trust and never provide any sensitive personal information, particularly for bank, credit card or brokerage accounts, McAfee says.
You don’t have to be on the road to be in danger of hackers accessing your information. If the wireless signal to your home’s router isn’t password protected, your connection is in danger of being accessed by criminals.