Holiday Shopping Hazards
Shopping online can save you time during the hectic holiday season, but it also comes with risk. While shopping scams happen year-round, cyber-attacks tend to surge during the holidays. It’s especially important during the holiday season to carefully examine any email that asks you to click a link, download a file, or confirm login credentials or payment information.
When shopping online you can often expect the checkout process to trigger a flurry of emails, texts, and other communications. Online shoppers expect to receive order confirmations, electronic receipts, and shipping notifications — not to mention countless alerts about special discounts, sales, and rewards. Scammers leverage these expectations to their advantage, creating convincing phishing emails to mimic these anticipated communications. Scammers also know that people are often distracted during the holidays and disguise their intent as legitimate holiday-related commerce communication. Be sure to stay extra cautious and diligent while shopping online during the holiday season.
Fake Retail Emails
Scammers often send phishing emails that seem to come from recognized department stores, e-commerce sites, and other large, popular retailers. Because consumers already expect to get emails from these legitimate brands, often they fail to notice a well-disguised phish.
Often these fraudulent emails play on fear. For example, you might receive a fake notification that warns you’ve been locked out of your account. The email will likely request that you verify your identity in order to steal your login credentials or other personal information.
Another common variation uses the lure of large discounts or other rewards. Unfortunately, offers that seem too good to be true, often are. Instead they scam is attempting to steal your money or information.
Shipment Notifications
Scammers have successfully mimicked emails that appear to come from shipping services for a long time. These phony shipping emails become more frequent during the holidays.
Because online orders are expected to arrive before a specific date during the holidays, it is easy to create a sense of urgency or panic around a delayed shipment — especially when it comes to last-minute gifts. If you’ve been shopping online, you are likely to pay attention to an urgent email about a package that couldn’t be delivered.
These phishing emails use convenient timing and content to trick you into clicking a link or opening an attachment without thinking. The email could contain a malicious attachment or link disguised as a fake invoice or notification that can infect your device when downloaded or clicked.
Flight Scams
Scammers often attempt to lure to users to fake flight reservation sites by clicking on links in phishing emails that claim to provide flight booking confirmation updates or receipts. The scammers hope to trick you into clicking a malicious link and enter your personal or credit card information.
Keeping security top of mind is especially important when you are planning to travel during the holidays. Extra precautions are necessary in order to avoid taking risk actions and to identify any potential threats. Even if an email looks legitimate, be sure to verify it with the company. Be sure to use direct forms of communication, like through the company’s website or their direct phone number, instead of replying directly to the email. Spammers aren’t afraid to respond to you and imitate the company, further enforcing their false credibility.
Don’t let holiday pressures rush you into snap judgments.
It’s always better to err on the side of caution.
What Can I Do?
The best way to avoid holiday phishing attacks is to carefully examine any email that prompts you take action. Because scammers can easily imitate brand logos, “From” addresses, and signatures, you must be cautious and investigate.
Ask yourself:
- Am I sure about where this message came from?
- Does this message seem odd compared to others I’ve gotten from this sender in the past?
- Is this message confusing or does it mention an account or purchase that I don’t recognize?
- Is this message urging me to act quickly or trying to frighten me by mentioning problems with an account, purchase, or shipment?
- When I hover my mouse over the “From” address and web links, do I see anything unexpected or suspicious?
Cyber-Smart Shopping
Keep these tips in mind this holiday season:
Slow down
Don’t let holiday pressures rush you into snap judgments. Carefully examine any email or message that urges you to act quickly. If you’re not completely positive that a message is safe, it’s always better to err on the side of caution.
Stick with what you know
To avoid falling for online imposters, be sure to only interact with trusted websites, preferably those you have used in the past. If you do decide to shop at less-familiar sites, be sure to do your research before engaging or making a purchase.
Watch for scam sales
There’s a difference between a great deal and an unbelievable deal. Fraudulent ads may promise luxury goods at very low prices, or the opportunity to purchase a sold our or limited release item. If it sounds too good to be true, it usually is.
Source: Proofpoint
