3 Cyber Scams To Avoid This Holiday Season

November 27, 2019

As Black Friday and the holiday season approaches, the number of financial transactions made online will skyrocket. In fact, digital spending during November and December is expected to reach $143.7 billion, up 14.1% from a year ago.

We all know convenience is key when it comes to holiday shopping. As a result, employees often use personal devices on corporate networks, or use corporate devices for personal uses.

Whether or not your business employs a Bring Your Own Device (BYOD) policy, it is essential that businesses and consumers alike be wary of the many ways that cyber criminals exploit the season to carry out holiday-specific cyber scams.

At home or at work, good cyber hygiene begins with awareness and education. Here are 3 popular cyber scams to avoid this holiday season.

Fraudulent Shipping Notices

Hackers are using the drive to e-commerce platforms during the holiday season as a way to target unsuspecting consumers with fraudulent shipping notices. By enticing users to confirm shipping or track packages by clicking a fake email link, hackers are able to compromise devices or entire networks.

What Should You Do?
  • If you receive an email that asks you to log in to see shipping status or other notification, don’t click the link directly in the email. Log into the shipping carrier’s website independently to review any account changes.
  • If in doubt, search the shipment carrier’s customer service phone number and verify by phone if the notice you received was legitimate.

Fake Shopping Websites/Retail Apps

Many consumers now rely on shopping online or using apps developed by retailers to shop through their mobile devices. Cyber criminals are also leveraging these platforms to target consumers by developing their own counterfeit mobile applications or designing websites to mimic that of a legitimate retailer.

What Should You Do?
  • Check for typos in the app’s name or website domain name. Cyber criminals routinely use common typos in the name or a slight alteration of the logo to lure users.
  • Be wary of offers that promise significant savings, beyond what is considered ‘normal’. If an offer is too good to be true, it probably is.
  • If you are shopping through mobile applications, always read the reviews before downloading the app for a niche retailer. In addition, if you only come across positive reviews, consider it a red flag as cyber criminals may have created fake recommendations to attract new users.
  • If shopping online, always browse securely (ensure the URL has https://) and avoid conducting any financial transactions over free public Wi-Fi.

Fake Charities

According to the Non Profits Source, 30% of all annual giving occurs in December and hackers are using this time to capitalize on that. By creating fake GoFundMe pages, using other crowdsourcing methods to raise donations for a fraudulent cause, or mimicking websites of real non-profit organizations, cyber criminals are able to scam people out of money and compromise devices/networks.

What Should You Do?
  • Do independent research on the cause before donating.
  • If possible, make donations online or better yet, in-person. Under no circumstances should you donate on the phone before independently verifying that the cause is legitimate.
  • If donating on crowdsourcing websites, stick to local campaigns or ones you can verify personally (through a friend or another trusted source).

The holiday season provides a very easy avenue for criminals to exploit the average consumer who may not be well-versed in spotting cyber scams. This can also be troublesome for enterprises since employees may choose to shop online or download malicious apps on their work devices, putting corporate data at risk as well.

To learn more about how Herjavec Group is advancing the security profiles of enterprise organizations around the world, contact us below.


About Herjavec Group

Dynamic entrepreneur Robert Herjavec founded Herjavec Group in 2003 to provide cybersecurity products and services to enterprise organizations. We have been recognized as one of the world’s most innovative cybersecurity operations leaders, and excel in complex, multi-technology environments. Our service expertise includes Advisory Services, Technology Architecture & Implementation, Identity Services, Managed Security Services, Threat Management and Incident Response. Herjavec Group has offices and Security Operations Centers across the United States, United Kingdom and Canada.

Stay Informed

Follow us on Twitter

Connect with us on LinkedIn