Geraldine Strawbridge

Geraldine Strawbridge is a graduate from the University of Glasgow. As the Editor of Cyber Radio, Geraldine is focused on delivering the latest cyber security news whilst making cyber security more relatable to people in their everyday lives.

Top 5 Christmas Cyber Scams

The countdown to Christmas is now well and truly on! The streets are bustling with shoppers, the lights are twinkling, children are writing their lists to Santa and despite being the season of goodwill there are criminals lying in wait ready to scam unsuspecting victims.

In 2017, UK consumers spent up to £80bn throughout the festive season and this spending bonanza acts as an absolute magnet for criminals who are keen to get a slice of the action.

The crooks know it’s the one time of the year when people let their guard down. Shoppers are straying onto sites they don’t normally visit, inboxes are full of eCards and delivery notifications, and fraudsters use this flurry of online activity to launch mass phishing scams.

Action Fraud’s latest report shows 15,024 shoppers were tricked by fraudsters over Christmas 2017, with total losses amounting to more than £11 million.  These figures are only expected to rise as phishing scams become more sophisticated and targeted.

To reduce your chance of falling victim to these online fraudsters, we’ve listed the top 5 Christmas cyber scams that you’re likely to encounter throughout the festive season.

Fake Delivery Emails

The most popular type of seasonal phishing attack is linked to logistics. The criminals know that as Christmas approaches, people are sending lots of packages to friends or families or expecting the delivery of parcels themselves.

Victims will receive emails from what appears to be a legitimate courier company informing them that they’ve missed the delivery of a parcel and to click on a link to select a new delivery time.

The fraudsters will create a sense of urgency by warning that the package will not be delivered in time for Christmas if you do not follow the direct instructions. Upon clicking the link, you will be taken directly to a phishing website or your computer will be infected with malware.

Christmas eCards

eCards have become a very popular and inexpensive way to send friends and families a card at Christmas. They come in lots of different formats and often include an audio or visual element. Cybercriminals have been quick to take advantage of this online format and use it as a guise to trick victims into downloading and installing malware.

As soon as you click on the link to view your card, there’s a good chance you’ll be downloading adware, spyware or a Trojan virus onto your computer. Red flags that an eCard is malicious include; spelling mistakes, an unknown sender or a link or attachment that ends with “.exe,”. This can indicate an execute command which may install a virus onto your PC.

Seasonal Offers

It can be hard to resist the lure of a cheap bargain online, especially at Christmas, but these too good to be true offers usually are! Criminals will often create a fake page imitating a well-known brand, then pretend to offer a real promotion. These scams are often set up specifically to harvest user data and will require the input of personal information.

Gift Card Survey Scams

Fraudsters will often create fake Christmas promotion pages that claim to be associated with big brand names. The pages are full of offers to win expensive prizes, vouchers and gift cards, and all you have to do to be able to enter is like the fake page and share the promotion with your friends.

The next condition of entry is to complete an online survey to verify your identity. This is just a cunning way to harvest your personal or banking details. Always be wary of any promotion that claims that you must like and share material or participate in online surveys to enter.

 Charity Phishing Scam

Cybercriminals are extremely devious and know that people will tend to be more charitable at Christmas and donate to those less fortunate. To exploit this goodwill, the crooks set up fake phishing websites designed to look exactly like the genuine website of reputable charities.

As soon as you enter the fake site, you will be asked to donate by providing your credit card details and personal information. The criminals will then use this data to steal your money or commit identify fraud. When donating to charity it’s always best to go directly to the charity’s website and never follow a link within an email.

To protect yourself from seasonal scams there are a number of top tips you should follow:

  • Never click on links or download attachments from unknown sources.
  • Always verify the security of a website – Legitimate sites will always be secured using a ‘HTTPS’ certification.
  • Pay close attention to the spelling of an email address, if there are any inconsistencies, delete immediately.
  • Ignore and delete emails with poor grammar and formatting.
  • Remember – Reputable companies will never ask you to supply personal information in an email.
  • Beware of email offers – If an offer seems to good to be true, it usually is!
  • Be careful what you post online.
  • Use strong passwords to reduce the chance of devices being hacked.