With the holiday season right around the corner, cybercriminals are ramping up their efforts to initiate spam and scam campaigns through different mediums, with the most popular being email and third-party sites. As holiday shopping gets underway, consumers normally come across enticing online deals and discounts on goods that friends and family might’ve kept an eye on throughout the year. Behind the millions of organizations attempting to attract as many customers as possible are malicious actors who also have similar motivations to capitalize on unsuspecting shoppers.
Black Friday, Cyber Monday, and Christmas are generally the time periods when spam and cyber scams increase in frequency. Between Thanksgiving and Cyber Monday, buyers are typically exposed to more sales ads, which explains why worldwide fraud attempts soar by 82% during this time of year. These three occasions act as golden opportunities for cybercriminals to exploit customers and cause significant damage, both financially and psychologically.
Here’s a glimpse into the reasons why seasonal holiday spam and email-based phishing scams commonly surge during the end of the year:
1. Increased online activity. When shopping for loved ones, we’re often on the lookout for attractive offers, many of which can be found in our inboxes. Sometimes, individuals tend to overlook the legitimacy of the sender and content within the email, so natural instincts might cause people to click on infected attachments or links. Especially with hundreds of holiday emails being sent throughout November and December, it can be a challenge to identify real deals from fake ones sent by masquerading thieves.
2. Bargain hunting during an intense inflationary period. The saying, “desperate times call for desperate measures,” truly represents what many experience when doing holiday shopping during a time when inflation has remained high. In hopes of getting a good bargain, recent studies within the past year indicate that 77% of Americans would willingly take any action necessary to reduce costs, even if that means risking their personal information. In such cases, the desire to attain an appealing discount overrides the need to safeguard personal security, which increases the risk of unfortunate scams.
3. Reduced vigilance due to increased work-life activities. The end of the year is generally a busy time for a lot of people as they try to meet deadlines at work and shop for their families simultaneously. A rise in responsibilities at work and in individuals’ personal lives can allow scammers to catch people off guard. Bad actors have also been found impersonating corporations such as Netflix, Amazon, and Lowe’s, giving them the ability to carry out socially engineered attacks more easily.
One of the most common forms of a socially engineered scam during the holidays includes requests for monetary or gift donations to charities usually sent via email or text message. Indeed, such messages are suspicious, but many donate around the holidays, so their generosity is often taken advantage of. Smishing attacks are also widespread during the holidays. People receive deceptive texts from fraudsters claiming to be USPS or UPS, stating that the receiver’s “package was unable to be delivered.” Many have fallen for such attacks in the past due to the anticipation of package deliveries around the holidays.
Often, deals seem too good to be true, and it’s something we’ve all dealt with at some point in our lives. Here’s a simple guide to becoming a spam- and scam-savvy shopper to keep you safe during festive times:
1. Practice caution when shopping online. Around the holidays when browsing and buying products online through sites such as Facebook Marketplace, NextDoor, and Craigslist, be sure you’re extra cognizant of the vendor supplying items to you. Such sites are made up of third-party sellers, some of whom may be genuinely interested in selling their goods, while others might have ill intentions. Learn to identify red flags that might be indicative of a scam attempt. A few factors to look out for include upfront payment demands, suspicious seller profiles with little to no reviews/ratings, and suppliers requesting to use platforms other than the original one (e.g., Facebook Messenger) for communication. However, try to shop on retailers’ and businesses’ official websites when buying products to be on the safe side as it lowers the risk of getting scammed.
2. Use a secure connection and payment method. When shopping online, ensure that your Wi-Fi connection and the website URL are both secure. To do so, avoid using public Wi-Fi and check for a lock in the upper left-hand corner of your browser like so:
Another good practice involves checking whether or not the web address on the shopping site starts with “https:” instead of “http:” because the “s” in the former option indicates that the website is secure and encrypted for protection.
3. Avoid providing personal or financial information to unknown sources. This step is a given, but ensuring that you don’t enter sensitive information such as your name, address, phone number, or credit card details on multiple different sites during the holidays is important for preventing unsolicited spam messages and contacts from external parties. It’s also a general rule for identity safety.
We hope that your holidays remain free of troubling cyber grinches!
By Rosey Saini
This article originally appeared on Journey Notes, the Barracuda blog.
