NEWS HOME

The 12 Scams of Christmas

Sunset Credit Union offers this information for both consumers and businesses, so you can avoid these common cyber traps. Cyber con artists target consumers’ money, identities, or computer access, and in addition, retailers lose $480,000 per hour as a result of Cyber Monday attacks, according to the Sterling, Va.-based analytics firm Neustar.

Here are a dozen of this season's top cyber threats, according to cybersecurity experts:

1. Holiday specials. Scammers often advertise big-ticket items to lure unsuspecting consumers to click on links. Bad guys build complete copies of well-known sites, send emails promoting great deals, sell products, and take credit card information—but never deliver the goods. These sites look like legitimate stores, but use these web fronts to collect sensitive information, including credit card numbers

2. Free vouchers or gift cards. A common Internet scam involves big discounts on gift cards. These sites usually request enough personal information for criminals to raid victims’ bank accounts. Often, these posts lead to online surveys designed to steal personal information.

3. Postal delivery failures. In this scam, targeted consumers receive bogus emails with subject lines such as, “USPS Delivery Failure Notification.” These emails then instruct consumers to click on a link to find out when they can expect delivery. Clicking on the link activates a virus, which can steal personal information such as usernames, passwords and financial account information stored on the victim's computer.

4. Ransomware, DDoS and site overload. Last July, the Internet Crime Complaint Center issued an alert regarding an increasing number of complaints from businesses hit by distributed denial of service (DdoS) extortion campaigns. In a typical extortion campaign, the targeted business receives an email threatening a DDoS attack on the company's website unless it pays a ransom.

5. Fake coupons and refunds. This involves scammers who create tantalizing fake email coupons that appear to be legitimate. This typically involves the use of an undetected keylogger that captures information typed by the victim, including URLs, user names and passwords, and sends it off to the criminal.

6. Phishing on the Dark Side. A new email has begun circulating that tricks people into thinking they could win movie tickets for the highly-anticipated film, “Star Wars: The Force Awakens,” due out on December 18. However, the email is a phishing attack in disguise.

7. Charity tricksters. The holidays are traditionally a time for giving, but they also bring cybercriminals who attempt to pry money away from people who mean well. Consumers should be skeptical of communications from charities that ask for contributions, and make sure they are legitimate. It's also a good idea to contact the charity directly to verify the request.

8. Extra holiday money. The most innocent versions of these scams collect confidential information such as Social Security numbers from victims on required forms, and later use them to commit identity theft. The worst versions of them get victims involved in money laundering.

9. The search trap. Bad guys do their research to find out what consumers want, then they build websites that promise the item to their victims. If you’re seeking a particular deal you should go directly to the store's website instead of using a search engine.

10. Open Wi-Fi. People often bring their laptops, tablets and smartphones to the mall to browse gifts and search for deals online, but they must understand—scammers can trick these shoppers by emitting what appears to be a free Wi-Fi signal. If the shopper hops on it, the scammer can gain access to his or her credit card information. Experts advised consumers to never complete a credit card transaction while using a public Wi-Fi connection.

11. Grinch e-card greetings. These malicious email attachments look like an e-greeting card from a friend or co-worker, with dancing reindeer, holiday music and all. However, they contain viruses or malware that could infect the recipient's workstation.

12. Not-so-secure EMV cards. The Federal Trade Commission reported scammers are trying to take advantage of the millions of consumers who haven't yet received chip cards from their banks, by emailing them and posing as card issuers. These fraudsters coerce victims to share personal information by updating their accounts or clicking on links that install malware on their devices.

Previous article

NEWS HOME