Watch Out For These Top Holiday Cybersecurity Scams

December 4, 2018

Last year, over 1.5 billion consumers made purchases online, increasing global e-commerce sales to $2.3 trillion USD. This number is projected to rise to $4.48 trillion USD by 2021. 

As consumers continue to shop online and increase their reliance on mobile applications out of convenience, cyber criminals are keeping base by enhancing the sophistication of their scams. From shopping to booking vacations over the holiday season, consumers are increasingly at risk of being taken advantage of. Despite your organization or job title, we are all consumers.

We all have to be diligent and take a proactive approach in educating our employees, families, and networks about common signs of cyber scams – particularly at this time of year!

Here are some common red flags to look out for in order to avoid being scammed this holiday season:

Don't shop online via public Wi-Fi.

It's best to skip conducting any financial transactions online when using public Wi-Fi to connect to the Internet, regardless of whether or not the wireless connection is secured with a password. After all, determined hackers who know what they’re doing can easily crack into these connections.

Check for typos in the app name or website.

Since fraudulent retail apps cannot use the legitimate spellings of known retailers, they may have a very slight typo in the name that can easily be missed by most consumers. The same remains true for any fake websites created to mimic the real ones. This technique is known as “typosquatting” and is used to take advantage of common typos users make when searching for apps on their mobile devices or even website URLs. 

If the offer is too good to be true, it probably is.

Since holiday shopping can get expensive, we all have a tendency to look for the best deals, especially big ticket items like electronics. In order to target these consumers, hackers have started buying advertising (known as “malvertising”) on popular social media platforms, such as Facebook and Twitter. When clicking on an advertisement for a sale, look out for any, and all, signs that it could be fake. Simply put, if the offer seems too good to be true, it probably is.

Always browse securely.

Many popular browsers now have security controls in place to notify users if a particular website is SSL-secured. This can be verified by the presence of a locked padlock on the browser’s URL address bar. Secure websites also use https:// instead of http://. Always browse securely, especially if conducting financial transactions online as SSL-secured websites encrypt the data, making it significantly harder for hackers to access.

Always read the reviews.

While many consumers read reviews about products they’re looking to buy, they don’t check reviews on the retailer themselves. With the influx of boutique online retailers opening their virtual doors to consumers, each offering great new deals, it’s important to read reviews on retailers you’ve never heard of. What are other users saying about their experience? Does the retailer seem legitimate? Coming across only positive reviews is also a red flag — cyber criminals are getting smarter and may create fraudulent recommendations to attract new users.

Verify any email asking you to download an attachment with the sender directly.

Since many consumers ship holiday presents to friends and family living far away, hackers have begun impersonating popular postal mail couriers such as FedEx, UPS, Purolator, etc. Usually, these hackers send “delivery confirmation” emails to consumers, asking them to download malicious attachments for more information on the expected delivery. Instead of downloading the attachment, always call the customer service department (found on the legitimate website of the courier service) to verify the email first.

It’s our responsibility to ensure our cyber safety online. No matter what the season, we must all do our part in securing our digital presence.

If you have any questions or would like more information on how Herjavec Group is helping to secure enterprises globally, please connect with a Herjavec Group security specialist.

From all of us at Herjavec Group, enjoy a happy and (cyber) safe holiday!


About Herjavec Group

Dynamic entrepreneur Robert Herjavec founded Herjavec Group in 2003 to provide cybersecurity products and services to enterprise organizations. We have been recognized as one of the world’s most innovative cybersecurity operations leaders, and excel in complex, multi-technology environments. Our service expertise includes Advisory Services, Technology Architecture & Implementation, Identity Services, Managed Security Services, Threat Management and Incident Response. Herjavec Group has offices and Security Operations Centers across the United States, United Kingdom and Canada.

Stay Informed

Follow us on Twitter

Connect with us on LinkedIn