Are holiday scams all that different than normal run-of-the-mill cyber scams? -with Howard Globus
No & Yes.
All scams rely on victims being greedy or being confused. Addressing the latter, during the holidays we are generally frazzled. During a normal holiday season there are gifts to buy, exchanges, returns and more things to purchase, travel to plan, relatives to prepare to receive and a rush to use vacation time or flexible health care dollars, and all the preparation for end of year and a closing out of the books, figuratively and literally. We have not had a normal holiday season in almost two years now.
With the pandemic being off and then on and then back off and on again, a rush to get out and see relatives before the next iteration of variant or lockdown or need for another booster, we’re all running around like crazy.
What kinds of things should we expect to see, scam-wise, this season? Here is a short list of the scams that I’ve had reported to me since the Halloween candy was still fresh:
– Emails requesting sensitive information to verify a purchase (Phishing scams)
– Emails and texts from “tech support” that your purchase/package is delayed, or a problem occurred (Phishing and SMSishing – SMS-Phishing)
– Amazon purchase made was sent to the “wrong” address (Phone call and Phishing)
– Gift card “problem” requiring verification (Phone, Phishing and SMSishing)
– Search Engine redirection based on misspelling to purchase knock-off product
– Request for donations to charities with skim or all funds stolen
The scams that we have been seeing rely on us trying to do many different tasks simultaneously or without focusing our full attention on where we are and what we are seeing.
An email that comes in requesting some kind of sensitive information might be ignored while not around the holidays. However, if the request is
ambiguous enough and preys on the fear of failing to provide for our
children or loved ones during the holiday, we may be more likely to respond with a piece of information that we would not normally.
Similarly if we are concerned about a gift delay or a problem that can be averted through clicking on a link that was conveniently sent via email or a text message, by all means we may just circumvent having to root through our emails or saved receipts to double check before confirming delivery with a home address and a portion of our credit card.
A charities website that looks right or a web page for a hard to find gift that has a few in stock can make us eager to enter our credit card information and billing address quickly to secure the transaction.
The question, then, is how do we protect ourselves?
The answer during the holidays is not much different than any other time of year.
If an email, text or website looks too good to be true, it probably is.
If you are expecting a FedEx package and a text comes in asking you to go to this website to enter data that seems unrelated to the delivery, probably best not to enter that information.
If a website redirects you (opens several links in a row to get to the page that you are finally on) when you click on a link in an email or text, it may not be the online retailer or delivery service that you are expecting to login to with your ID and password.
My advice during the holidays remains similar to my advice during the rest of the year. Be aware of your surroundings. As you would think twice about wandering down a dark back alley in a foreign town late at night, know where you are before you enter any sensitive information on a website or answer questions from a caller looking to help you out.
– When shopping online, go to the retailer’s main page from the address bar or a saved, known good link in your bookmarks. You can always key in a coupon code to get the extra percentage off that is promised in the promo email.
– If you didn’t make a large appliance purchase on an online retailer it is unlikely that they would be calling you to discuss a missed delivery. It is even more unlikely that they would require your credit card information to verify the purchase before they can speak with you about the incident. If that kind of urgency is real, hang up, go to the retailer’s website (see previous point) and contact customer service from their portal directly.
– Donations can be made to charities of your choosing online. Go to the charities’ main website and navigate from there to donate generously.
A good rule of thumb is slow down, take a moment or two and confirm that you are on the site you intended to be on before entering any sensitive information.
Have a happy, healthy and safe holiday.
