As we roll into December, a lot of people will be rushing to make sure everything is perfect for the festive period. Unfortunately, not only will consumers be busy trying to wrap those last-minute gifts, scammers will be looking to take advantage of the holiday headaches and cash in.
With that in mind, I thought I would put together a few tips for staying safe this Christmas.
Beware of Email Scams
An increasingly common scam sees an email with an enticing offer or alarming warning sent with a clickable link. It is a trivial matter for a criminal to pass an email off as originating from a legitimate source, so be careful. If emails contain spelling or grammar errors, or if their address looks suspect (e.g. [email protected]) then it is likely to be a scam. To be on the safe side, you should refrain from clicking links in emails and instead visit the site manually.
Always Look for the Padlock
When buying items online, ensure that there is a closed padlock in the address bar. If there isn’t, your transaction is not encrypted, and anything you send could be intercepted by a third party. Legitimate online retailers will always process payment information over an encrypted connection. However, be aware that the padlock itself isn’t proof of a legitimate site, as free services such as Let’s Encrypt, and Cloudflare can provide SSL certificates to virtually any website. If you’re purchasing from an unknown retailer, then do your homework first. Look for reviews, check the site has contact information and remember the golden rule – if it sounds too good to be true, it probably is.
Beware of Fake Charities
It’s only natural that we feel a bit more giving around Christmas time. Scammers are aware of this too. Social media adverts and emails have been found to contain fraudulent appeals mirroring real-life campaigns. If you’re planning to make some charitable donations, then make them directly to the charity and not via a third-party, or through a link you’ve found online.
Beware of E-Cards
Environmentally conscious individuals increasingly prefer to send e-cards instead of traditional cards. If you receive one that requests you do something (click a link, download software, etc.) before it even tells you who it’s from, it may be a trap designed to download malicious software (malware or ransomware). Don’t open e-cards unless you recognise the sender and can be reasonably sure the card is legitimate.
Christmas Delivery Scam
In a real-world scam, victims of identity theft have reported receiving goods they didn’t order (such as mobile phones or games consoles) only for the delivery company to later phone up, claiming a mistake has been made and requesting to retrieve the goods. Inevitably, the person who comes to collect the “mistaken” delivery is the person who ordered the goods. In this scam, a person’s details have been used to obtain credit and purchase items fraudulently. If you receive anything you’re not expecting, then report it immediately to the sender and check your credit record for strange activity.
Ditto for Emails
Fake dispatch and delivery notifications are common and ramp-up at this time of year. The cybercrook hopes that in all the chaos of managing so many deliveries, you’ll let your guard down enough to click the links informing you about the item that’s been dispatched or the missed delivery. Keep your head and make sure you know what you’ve ordered, who from and when it should arrive. It might spoil the surprise, but try and let people know when you’ve sent them gifts too. Otherwise, you could click a link that tries to phish your information or put malware on your computer.
Be especially aware of the ‘Redelivery Fee’ scam where emails that appear to come from well-known companies like Royal Mail and DPD inform you that you’ve missed a delivery and need to pay a modest fee to book redelivery. The overwhelming majority of delivery companies do not charge for redelivery. In this scam, you will be sent to a phoney form intended to harvest your card details so that the scammers can make hundreds of pounds in charges to them, often while you’re sleeping.
If you receive such an email and suspect it might be genuine, a thirty-minute confirmation call to Customer Services is a lot less trouble than a thirty-minute call to your bank’s fraud department.
Email Attachments Can be Dangerous
You also want to ensure you’re not opening dodgy email attachments. Watch out for Word documents, PDFs and Excel spreadsheets attached to emails as all of these can be embedded with malicious macros or code. If an email looks legitimate but contains such a file, be certain that you know who sent it and why. Business owners often receive fake emails purporting to be from HMRC about corporation tax problems, whereas consumers may receive them about deliveries or invoices. If in doubt, contact the supposed sender.
Deceptive Online Games
You might give your children a new phone, tablet or gaming device this Christmas. Ensure that they’re aware of online games, particularly of the “pay to win” variety. Although not a scam, many mobile games use a microtransaction system where helpful items can be purchased in-game with a few clicks. Unaware parents have found their children have racked up bills of hundreds or thousands of pounds. Make sure that you are aware of any account that is linked to your payment information.
Looking for Love?
Many people receive emails daily from people claiming to have “found” their profile, even if no such profile exists. However, statistics show that at this time of year, more single people feel lonely and look for a new love on dating sites. Scammers know this too and set up fake profiles looking to hoodwink a few free gifts from unsuspecting users. If someone you’ve just met on a dating site begins to pressure you to send them gifts or spins a tale about a tragedy that has recently befallen them leaving them in need of money, be suspicious.
Avoid Christmas Screensavers
Scammers often like to take advantage of people trying to make their homes look Christmassy. You’ve put up lights, decorated the tree, covered everything but the cat in tinsel so why not add a fun looking Christmas theme to your computer? While legitimate vendors such as Microsoft, Apple, Google and Firefox might make such themes available, so too do a lot of crooks. That fun looking festive screensaver that you’ve downloaded from a previously unknown site could be doing all sorts of nefarious things in the background.
Make Sure Your Devices are Secure
The best thing you can do to protect yourself online is to have adequate security in place. A good firewall, anti-virus and anti-malware package helps to prevent malicious software installing keyloggers, ransomware or browser hijackers and keeps your information safe. Even so, be sure that any application you install is something you recognise. A still-common scam is for an antivirus you never installed to claim there are problems with your computer and demanding payment to fix them. It is highly probable the “antivirus” is itself malicious.
