Forget snow storms—the holidays present the perfect conditions for a storm of scams.

Think about it: we’re all busy, distracted, and doing nearly every activity frequently targeted by cyber scammers. In just a handful of weeks we’re reading oodles of emails, planning travel, shopping online, giving to charity, and receiving lots of packages.

Just like you prepare for real-life storms, you need to be ready for this flurry of potential scam activity—and not just at home. Remember that big Target data breach? That happened between Nov. 27 and Dec. 18 that year (which all started with a phishing email).

With scammers working overtime to leverage the frenzy of the holidays, you need to turn your scam sensors all the way up to high. Start by reviewing the top five kinds of holiday scams and how to stay on your toes:

  1. Phishing emails.
    You keep seeing scam emails for a reason: they work. It’s the fifth most-reported scam by consumers in 2018 and, according to some recent research, 32% of all data breaches involved phishing (and phishing was involved in 78% of cyber-espionage incidents).
  2. Fake products ads
    Those ads in your social media feeds may be totally for real…but don’t count on it. Scammers can make fake digital storefronts just like real companies—and take out ads for products that never ship. Also known as “non-delivery” scams, according to the FBI, this is the top scam relative to the number of victims (and its number 4 in terms of total loss).
  3. Travel scams
    Research says that nearly a quarter of all consumers report being misled by third-party travel resellers on the phone or online. And don’t think that vacation rental sites are free and clear of scam activity—a journalist recently stumbled on a huge Airbnb scam.
  4. Delivery notifications
    Scammers know we’re taking advantage of the online sales this time of year and create real-looking emails about expected deliveries. These phishing emails may say your package couldn’t be delivered and that you have to reschedule it by clicking a link. Or, the email may contain a tracking number you have to click to verify shipment.
  5. Charity scams
    The National Philanthropic Trust reports that Americans gave more than $292 billion (yes, with a B) to charities last year. That staggering amount of generosity is temptation for scammers who want those funds for themselves.

I know you’re tempted to stop reading now, but don’t!

You are the best defense against all of these scams. If you don’t believe me, listen to Jim Valk, our manager of Governance, Risk & Compliance:

“Your vigilance is critical to protecting your personal information and pocketbook. Always be cautious when reading articles, answering your phone, responding to email or clicking on links in emails, websites, or pop-up boxes,” says Jim. “Scammers use a wide variety of social engineering techniques so the best advice is rely on your intuition and sanity alarm. If it seems like an unusual or odd request, do some additional investigating to be sure or ignore the notice altogether and see what happens.”

If you see any of these, alarm bells should be going off in your head

  • A sense of urgency. Don’t let yourself be tricked into reacting before thinking. Whether it’s to buy now, reserve a room, get a package delivered, or donate money, when you’re asked to act now you need to stop and think. Is that offer too good to be true? Would the sender really need that information now? Why do I have to verify information for a company I already do business with? Always take the time to really consider what’s being asked of you.
  • To solve a problem you need to click a link, download an attachment, or provide information. Really, stop and think about this question: when was the last time a legit company or charity resolved something important using a single email/text that required you to give them information, download a file, or click on a link? Keep thinking, because it’s probably never happened so don’t fall for it.
  • Requests to pay with cash, gift cards, or wire transfers. All of these payment types are untraceable which is why scammers love them.

And, although it’s a busy time of year, it only takes a few moments to…

  • Research. Make a phone call (using a number you look up yourself), do a little Googling to check out reviews, phone a friend—no matter how you do it, the more you know, the less likely you’ll be taken for a ride.
  • Pay with a credit card. Although not a guarantee, you have a shot at disputing charges if you pay via credit card.
  • Review email senders. Never open attachments or click links from senders you don’t know—especially unexpected ones. And, even if the sender DOES appear to be legit, double-check the email address to make sure.
  • Verify that websites are secure. Look for the HTTPS in the domain name in the search bar.



Leave a Comment