Top 4 cyber scams to watch out for this Christmas

Much like your local burglar, cybercriminals see the festive season as an opportunity to profit from everyone’s lack of attention, possibly whilst munching on a mince pie. Food for thought.

The sad truth is that Christmas is when you need to be extra vigilant to protect your business and yourself from online scams.

Here, we share our top 4 cyber scams to watch out for this Christmas.

1. Phishing scams

What is it?

A phishing scam is still the number one cyber scam. It is when cybercriminals impersonate legitimate companies or people known to you in emails or messages, to get you to part with your hard-earned cash or steal personal information. For example, they may pretend to be a retailer, your bank, a delivery company, a colleague or a brand.

When you click on the link or open an attachment you give the cybercriminal access to sensitive personal and business data, and chances are they will install malware to gain access to your IT system.

What does it look like?

A phishing scam is an email, text or SMS message (for which the attacks are known as ‘smishing’) that grabs your attention by typically saying there’s a problem with a purchase or your account, or you need to provide some additional information. There is usually a sense of urgency so that you are encouraged to act quickly without thinking.

What can you do about it?

• Do not click on any link without carefully considering its legitimacy
• Check the sender’s email address is legitimate – look carefully for spelling differences and unusual formatting
• Check the sender’s company name exactly matches the one you have been dealing with
• Never download an attachment from an unknown sender
• If the message or email appears to come from someone you know but you are suspicious of, ask them in a separate message if they have sent it to you
• Be aware of urgent language
• If you discover that the email is a phishing scam, block the sender from being able to contact you again.

2. Fake ads and eCommerce websites

What is it?

Ads on social media are directing shoppers to fake eCommerce websites that offer enticing deals. In some cases, those websites are pretending to be legitimate, well known retailers. On the fake sites, people click on links that allow cybercriminals to steal personal data or install malware. With so many people looking for deals at Christmas, fake ads and eCommerce sites are becoming more sophisticated.

What does it look like?

• Pop-up ads
• Social media ads
• Messages and emails offering too good to be true (because they are) deals

What can you do about it?

• Only shop on verified websites that have the padlock symbol and ‘https’ in the URL
• Shop on websites and retailers that you have had a good experience with, and you trust
• Remember, if it’s too good to be true, it probably is
• Don’t trust ads that look poorly designed
• Research the company on the advert, including their address to see if it actually exists
• Use secure payment methods that offer fraud protection.

3. Fake charity scams

What is it?

Cybercriminals have no scruples whatsoever, so pretending to be a charity is right up their alley! They impersonate well known and beloved charities on emails and text messages, asking for donations. When well-meaning people click to donate they are sent to a cloned website where their money is taken or their personal details are stolen. As those details will inevitably include banking information, it puts the victim at serious risk.

What does it look like?

• Emails and messages that appear to be from well-known charities, asking for donations
• Emails and messages from organisations unknown to you, asking for donations
• Urgent appeals that include a time-sensitive need
• Payments requested through unusual means, such as wire transfer and gift cards.

What can you do about it?

• Thoroughly research the charity and, if found, check that the details are exactly the same as on the email or message
• Donate through well-established charity websites
• Check if the charity is on the Charity Register where most charities with an annual income of £5,000 or more must be registered
• Don’t click on any links if you are unsure. Instead, approach the legitimate charity via a search engine.

4. Gift card scams

What is it?

There are various types of gift card scams.

• Cybercriminals impersonate a colleague or senior executive by sending an email that looks like it is from them, asking for the purchase of gift cards which should be sent back to them immediately. The email will probably make out they are for client gifts.
• Criminals pretend to be someone you know who is asking for a gift card as a present. They want the code on the card to spend it themselves, while your friend is none the wiser
• Payment for goods or services is requested by means of gift cards, which is an untraceable payment method.

What does it look like?

• An email from a colleague that may not use the same kind of language or tone that they usually use
• An email from a friend asking for a gift card for Christmas which doesn’t ‘sound like them’
• Payment requests for goods or services insisting that gift cards be used.

What can you do about it?

• Call the colleague to check the request is legitimate
• Contact the friend to ask if they sent the request for a gift card
• Never pay for goods or services with a gift card. No reputable company would ask you to do that.

How to keep your business safe from scams this Christmas

Urge your staff to be vigilant over the Christmas period, both for the sake of the business and themselves. Tell them to be cautious with emails and messages that have links, and encourage them to only shop on reputable eCommerce websites.

For your business, you should ensure that you have robust cybersecurity measures in place, that all users have strong and unique passwords, and that all devices have the most up to date software installed. Two-factor authentication should be activated wherever possible.

E2E Technologies help businesses to stay safe online, and our services are not just for Christmas! Get in touch for more information about our Managed IT and cyber security packages.