Holiday season has arrived, bringing joy, shopping, and... criminals trying to steal your money and identity. Here are 14 holiday-season cyber-scams to be aware of -- and to avoid:
Phony store scams -- It's easy to set up a fake online store, offer popular gifts at unusually low prices, and steal people's credit card information when they make "purchases." So, if you have never heard of a store before, be careful. Using one-time credit card numbers can help protect in such a situation. And, remember, if a price is too good to be true it probably is.
Price comparison scams -- Many people use Google to compare various retailers' prices for items that they wish to purchase. To take advantage of you, criminals seeking to steal credit card information or distribute malware can set up storefronts offering some goods at legitimate prices and others at extremely low prices - a strategy that can help their "store" look legitimate and potentially help get its low prices included in the Google search results. So, don't rely on a store being legitimate just because it appears in a Google price comparison search result.
Store review scams --Don't rely on positive vendor reviews - criminals can easily create phony recommendations or buy them. Impartial information and negative comments are often a lot more revealing, although dishonest parties are known to have made purchases in order to create negative reviews for competitors.
Product review scams -- Amazon is currently suing people who charged $5 for placing positive product reviews for products on the Amazon site. Other markets may be plagued with fake reviews as well - and may not even be cracking down on them.
Advertising scams -- Just because an advertisement appears on a legitimate website does not mean that the party doing the advertising - or the product or service being advertised - is legitimate. Advertiser vetting procedures vary wildly from site to site.
Phony e-greeting cards -- Many people send fancy e-greeting cards this time of year. But, malware can easily be hidden in email attachments, and criminals can create emails with links to "retrieve cards" that actually direct users to phishing sites or to sites that download malware onto your computer or smartphone. I personally don't open e-greeting cards.
Fake delivery-service emails -- During December, many Americans receive items shipped by UPS, FedEx, and the US Postal Service - a fact that criminals exploit by sending emails and text messages that impersonate correspondence from these services and that deliver malware via attachments or direct users to phishing websites. If you have questions about a delivery - or receive an email alert about a delivery - visit the carrier's website by entering their URL into a web browser; do not click on links in an email or open attachments.
Gift card scams -- Criminals are known to sell phony gift cards, stolen gift cards, and legitimate gift cards purchased using stolen credit cards. Ideally, buy gift cards directly from the vendor or from a store that you know is legitimate. Some gift card markets offer money back guarantees if a card is not honored due to the aforementioned forms of fraud -- but, in the case of holiday gifts, do you really want someone who received a gift from you to possibly to be embarrassed in a store if the card you gave him or her does not work, or have to ask you to get a refund and buy another card?
Emails impersonating stores -- While criminals send out emails that impersonate Amazon, ebay, WalMart, and other major online retail outlets all year round, their efforts intensify during holiday shopping season. Phony emails often spread malware or direct would-be shoppers to phishing sites. It is always best to visit vendor websites by entering their URL into a web browser, not by clicking links in an email solicitation. And, of course, do not open attachments that appear to be sent by stores.
Charity scams -- Americans are an extremely charitable people, and holiday season sees solicitations arrive from many charities. While charity-related scams exist year-round, crooks know that the giving spirit of the holidays improves their odds - so be extra vigilant during this time of year. Before you give to a charity about which you know very little, you may wish to confirm its worthiness with the Better Business Bureau, Charity Navigator, or some other legitimate charity search engine. When making a donation, always initiate contact with the charity via its website (or listed phone number or known physical address); never give payment or credit card information to someone who contacts you by phone or email claiming to represent the charity.
Email/Texting/Phone scams -- On that note, if anyone emails, texts, or calls you and asks you for private information, unless you are sure of their identity (e.g., you recognize the caller's voice and know him or her personally), don't discuss the account on that call, instead call, email, or text back using pre-known contact information. During holiday season criminals sometimes impersonate major retailers and pretend that there is some problem with a shipment or credit card; they know that they will have a good "hit rate" since many people purchase from such retailers this time of year and would be concerned about an issue that could prevent delivery of a gift in time for Christmas or Hanukkah.
Credit card application scams -- As one would expect in a country in which a huge amount of shopping is done with credit cards, criminals send out phony credit card offers this time of year both via email and snail mail. Credit card applications ask for all sorts of personal details including your Social Security Number; always confirm the validity of a credit card application before completing it. Online credit card applications should be accessed by entering the URL of the issuing bank, not by clicking links that appear in emails, blogs, or online forums discussing credit card offers or related deals.
Social media post scams -- Social media is loaded with links to fake deals and coupons, and once one person posts a fake deal or coupon, social media can help that misinformation go viral. Be careful. Links can point to phishing sites, or to sites delivering malware, advertisements, or other undesired material. People's accounts can also be hacked - so, even if it is a friend sharing the "deal" or "coupon" be careful.
Free software scams -- While there are some legitimate giveaways by vendors seeking to market other products and services, there are many "giveaways" that are not legitimate: holiday apps, screen savers, and other "free" software may be Trojan horses containing malware. Stay safe by downloading only from legitimate parties and asking yourself - why is someone giving me something for free? If there is no reason - the true reason may be problematic.
Please feel free to discuss this article with me on Twitter. I am at @JosephSteinberg