Holiday 2012 — Security News and Advice
The holidays are just around the corner and while we are busy buying gifts and making travel arrangements, cybercriminals are making their lists, and checking them twice, as they prepare to unleash a host of scams designed to take advantage of the seasonal surge in online shopping and sharing. Since it only takes one scam to spoil your holiday season, it’s a good idea to get familiar with our list of the 12 Scams of the Holidays, and learn how to avoid them.
1) Social media scams—Many of us use social media sites to connect with family and friends over the holidays, and the cybercriminals know that this is a good place to catch you off guard because we’re all “friends,” right? Beware of too-good-to-be-true deals and phony contests since many try to get you to reveal personal information. Also, be suspicious of phony “work from home” jobs that ask you to pay for “startup kits.”
2) Malicious Mobile Apps—As the popularity of apps has grown, so have the chances that you could download a malicious app designed to steal your information or send out premium-rate text messages without your consent. Consider this: a recent study found that 33%1 of apps asked for more information than they need.
Only download applications from official app stores and check other users’ reviews, as well as the app’s permission policies, before downloading.
3) Travel Scams—Visiting family and friends is a big part of the holidays, and that often means searching online for deals on airfare and hotels. Just remember, scammers will be trying to hook you with too-good-to-be-true deals just to get you reveal your financial details. Always research the travel site before you book.
4) Holiday Spam/Phishing— Get ready for the spam you normally receive to take on holiday themes. Cheap Rolex watches and pharmaceuticals may be advertised as the “perfect gift” for that special someone. Remember never to respond to a spam email, or click on links within the email.
5) iPhone 5, iPad and other hot holiday gift scams—The kind of excitement and buzz surrounding the new iPhone 5 is a cybercriminal’s dream. They will mention must-have holiday gifts in phony contests and on websites as a way to grab your attention, and get you to reveal personal information or click on a dangerous link.
6) Skype Message Scare—Using Skype to connect with your loved ones may seem like an innocent way to spread holiday cheer, but cybercriminals are out to spoil that too. The latest threat comes in the form of an instant message from someone you know saying, “Lol is this your new profile pic?” If you click on the included link, a malicious program is downloaded to your hard drive, and the dangerous link is sent to all of your Skype contacts. It can even hold your computer files for ransom!
7) Bogus gift cards—Gift cards are popular holiday gifts and cybercriminals want to get in on the action by offering bogus gift cards online. Be wary of buying gift cards from third parties; it’s best to buy from the official retailer.
8) Holiday SMiShing— “SMiShing” is phishing via text message. Just like with email phishing, the scammer tries to lure you into revealing information by pretending to be a legitimate organization. Since many of us like to keep a close eye on our bank accounts during the holidays, be wary of SMiShing messages that appear to come from your bank, asking you to verify information or visit a phony webpage. Learn more about SMiShing and how to protect yourself from these scams here.
9) Phony E-tailers—Fake e-commerce sites will try to lure you into giving up your credit card number and other personal details, often by promoting great deals. That’s why it’s best to only shop on trusted e-commerce sites. For other online shopping tips, read our safe shopping e-guide.
10) Fake charities—During the holiday season many of us open up our hearts and wallets for good causes. The bad guys know this, and send spam emails advertising fake charities. If you want to give, it’s always safer to visit the charity’s legitimate website, and do a little research about the charity before you donate.
11) Dangerous e-cards—E-Cards are a popular way to send a quick holiday greeting, and while most e-cards are safe, some are malicious and may contain spyware or viruses that download onto your computer once you click on the link to view the greeting. Look for clues that the e-card is legitimate by checking the web address of the included link and make sure that the sender is someone you actually know.
12) Phony classifieds—Online classified sites may be a great place to look for holiday gifts and part-time jobs, but beware of phony offers that ask for too much personal information or ask you to wire funds via Western Union, since these are most likely scams.
How to Protect Yourself Against Scams During the Holidays, and Year-Round:
- Stay suspicious—Be wary of any offer that sounds too good to be true, and always look for telltale signs that an email or website may not be legitimate, such as blurry images, misspellings, poor grammar, or suspicious links.
- Practice safe surfing—Find out if a website is potentially dangerous before you click on it by using a safe search plug-in such as McAfee SiteAdvisor® software. SiteAdvisor software displays easy-to-read red, yellow, and green checkmarks to rate websites when you search for them.
- Practice safe shopping—Stick to reputable e-commerce sites and look for a trustmark that indicates that the site has been verified as safe by a trusted third-party, like the McAfee SECURE™ trustmark. Also, look for a lock symbol and “https” at the beginning of the web address (as opposed to just “http”) to verify the site uses encryption to protect the information transferred to the website.
- Use strong passwords—Create strong passwords, avoid using the same password for your important accounts, and never share your passwords with anyone. Learn how to create foolproof passwords here.
- Be careful when clicking—Don’t click on any links in messages from people you don’t know, and if you come across a shortened URL, use a URL expander to see where the link is directed to before you click.
- Use a comprehensive computer security—You need complete protection that includes antivirus, antispyware, and antispam, and then make sure it stays up-to-date. McAfee® All Access helps you protect all of your devices, including PCs, Macs, smartphones and tablets.
- Educate yourself—Keep current on the latest scams and tricks cybercriminals use so you can avoid potential attacks.