With Christmas fast approaching and holiday shopping advertisements popping up online and off, an article from Internet.com says security software vendor McAfee has rolled out its tongue-in-cheek nod to partridges and pear trees everywhere with its "Twelve Scams of Christmas" list for 2010.
According to Forrester Research, online shoppers last year spent more than $45 billion during the holiday season, giving online thieves and hackers plenty of incentive and opportunity to ply their illicit scams.
So before you go clicking away at your favorite e-tailers, grab a mug of cider and take a quick gander at this list of old and new scams to avoid:
1. iPad Offer Scams
It should come as little surprise that the popular tablet PC is being used as the bait for a variety of phishing and identity theft scams. As a matter of fact, Apple (NASDAQ: AAP) itself had to deal with these bogus free iPad offers on Ping, the social network built into its iTunes platform.
McAfee researchers said the typical spam version of the con asks people to buy other products and provide their credit card numbers and other personal information to get the free iPad. A social media variation prompts community members to take a quiz, but have to provide their cell phone information to receive the results. Instead of getting an iPad, they find out they’ve unknowingly signed up for a bogus service that costs them $10 a week.
Related Articles
- SideJackers Gear Up for Online Shopping Season
- Apple Hustles to Rid Ping of Spam
- PayPal Fixes iPhone App Security Flaw
2. "Help, I’ve Been Robbed"
This one is expected to become much more prevalent throughout the hectic holiday travel season. Basically, after infiltrating a user’s social networking profile, a missive is sent out to all the user’s contacts and family members, advising them that the person is stranded or otherwise in distress and needs money to be wired or transferred to get them out of the jam.
3. Fake Gift Cards
A number of prominent online and bricks-and-mortar establishments have dealt with this scam this year. Basically, the scam artists use Facebook or Twitter or some other online forum to promote fake gift cards in order to steal users’ IDs, passwords and, eventually, bank accounts.
"One recent Facebook scam offered a ‘free $1,000 Best Buy gift card’ to the first 20,000 people who signed up for a Best Buy fan page, which was a look-a-like," McAfee researchers said. "To apply for the gift card they had to provide personal information and take a series of quizzes."
4. Holiday Job Offers
Need some extra cash for the holidays? So do the cybercrooks.
The most common variation found by security researchers is one in which the thieves use Twitter to send out malicious links promising high-paying, work-from-home gigs that, of course, require information like your name, Social Security number and home address.
The best advice for how to respond to these? Avoid at all costs.
5. Beware of "Smishing"
"Smishing" is phishing via SMS texts. It’s all the rage with the young hackers. The unsolicited texts are sent to a cell phone and appear to be legitimate and from the recipient’s bank or a prominent online retailer.
Usually, the texts warn that something is wrong with the account and then asks the user to call a number to verify the account information or fill in data online. Often and ironically, they present the ruse of a breach of a user’s account or other security issue to get the victims to divulge the details they need to rip them off.
6. Suspicious Holiday Rentals
This one is fairly straightforward. Online crooks post fake holiday rental sites asking for down payments on cabins or cabanas via credit card or wire transfer. The hope is that the excitement of a holiday trip to the mountains or the beach will be enough to get just a few people to let down their guard and loosely give out their most sensitive data.
7. Recession Scams
Down and out during the holidays? Cybercriminals know just how to kick when you’re down, offering pay-in-advance credit schemes and other offers of nonexistent prequalified, low-interest loans and credit cards for simply paying a "small" processing fee. The cards and loans never materialize. As usual, if it sounds too good to be true, online or off, it almost assuredly is.
8. Ye Olde E-Card Scam
E-cards are convenient, cheap and thoughtful. They also provide a really easy way for malware authors to send and spread malicious links and attachments in a hurry. Worse, if someone has gotten into your Facebook or LinkedIn account, all your contacts will probably soon be receiving tainted greetings that appear to come from you.
9. Not-Such-A-Great-Deal Deals
McAfee and other security software vendors are warning online shoppers to be on the lookout for products like smartphones, games, HDTVs and others that are offered online at dramatically lower prices than they’d normal sell for at the mall.
Some online crooks are using spoofs of eBay, Craigslist and other websites to offer unbelievable deals on popular products only to take consumers’ credit card numbers or process the transaction without ever delivering the goods.
10. Charity Scams
Cybercrooks aren’t above using your good nature against you. Be on guard for random phone calls and spam emails asking for donations to a variety of worthy-sounding organizations. More often than not, these pleas are just come-ons to get your money or your personal information. If you’re interested in being charitable, make a phone call or visit the website directly.
However, be aware that some cons have set up passable fake websites for the Red Cross and other organizations in the past, often using URLs that are slightly altered or misspelled to trap their victims.
11. Download at Your Own Risk
Holiday screensavers, funny elf cartoons and music are all part of the seasonal celebrations. And that’s exactly what makes them appealing targets for malware mavens. Make sure your antivirus software is updated and always give any IM or email attachment a thorough examination before launching — even if you think you know who it’s from.
12. The Wi-Fi Hustle
Hotels, airports, coffee shops, malls and all the other places people tend to find themselves during the holiday are also the same places that often offer free Wi-Fi connectivity. Of course, Wi-Fi hotspots aren’t exactly the most secure source of broadband, and hackers and thieves like to stake out these locales in the hopes of snaring a stray Visa number or a user’s BofA login credentials.
Security experts advise Internet users to stick to well-established and trusted websites for their holiday shopping, avoid any unsolicited emails, IMs or other correspondence sent to their PCs or mobile devices and to always preview a Web address before clicking on it and to use good old common sense wherever they’re conducting a financial transaction.
Larry Barrett is a senior editor at InternetNews.com, the news service of Internet.com, the network for technology professionals.