Top 5 Holiday Cyber Scams

Zack ConoverNetwork Security

It’s that time of year again where snow covers the ground, shoppers begin to check items off their Christmas list, and scammers wait in silence to steal your private information. Before you whip out that credit card, make sure you aren’t falling for these top 5 holiday cyber scams.

From fake Facebook pages to phishing emails, cyber scammers have always preyed on unsuspecting shoppers during the holidays. As online shopping increases, so does the need for network security. Cyber threat intelligence company RiskIQ warns people of the increased risk, especially for smartphone users. During Black Friday and Cyber Monday in 2017, “companies earned $19.6 billion in sales from online shoppers alone”, according to the company.

“As a consumer, it’s important to pay attention to detail while shopping online and pay attention to your surroundings,” Yonathan Klijnsma, a researcher at RiskIQ, told Wired. “There are usually clues that can help you identify something potentially malicious.”

Check out these top 5 examples of holiday cyber scams to watch out for this season.

Fake Facebook Pages

Cyber scams will guarantee coupons, giveaways, or gift cards as long as shoppers share or like their social media posts. This strategy is known as “like farming” and is widely used by cyber scammers to steal a user’s personal and sensitive information.

“When the scammer collects enough likes and shares, they will edit the post and add something malicious. That’s often a link to a website that downloads malware to your machine. Other times, once scammers reach their target number of likes, they strip the page’s original content and use it to promote spammy products. They may also resell the page on the black market. These buyers can use it to spam followers or harvest the information Facebook provides,” according to the BBB on their website.

The BBB further warns users to be cautious of these holiday cyber scams when entering sensitive information. Be wary if the social post is offering a reward for a like or share. Avoid sharing social posts from Facebook pages that you aren’t familiar with.

“Scammers are counting on getting as many mindless likes as possible, so be sure you only ‘like’ posts and articles that are legitimate. Don’t help scammers spread their con,” says the BBB.

Look-Alike Websites

Shoppers across the nation will see a large increase in email notifications announcing special offers and new products. While these emails seem legitimate, the embedded links could lead to look-alike websites created to trick users into entering sensitive information. This gives holiday cyber scammers the opportunity to download malicious malware onto your computer or smartphone. Fortunately, users can protect themselves by:

  • Double-checking the email sender’s address. Businesses often send emails with a proprietary address like, not example@bb&
  • Check for grammatical or punctuation errors in the email.
  • Always hover over links WITHOUT clicking to check where they will take you. If the link looks suspicious, it’s probably fake.
  • Enter sensitive information into a web address beginning with “https”, because the “s” means that the website is secure and the information is encrypted for protection.

Fake Apps

Fake apps are promoted by cyber scammers for shoppers to download malicious malware. Much like the fake websites, fake apps mimic major retailers with look-alike brand names and logos. These graphics or names will usually be off by one special character or letter. The fake apps claim to have outrageous deals for the holidays that are usually too good to be true.

“If it’s something you’re not familiar with, then you want to do your research before you put anything on your phone,” Melanie McGovern of the BBB told WHAM. She later stated, “If they’re telling you to download it through Facebook or download it through another third party, that’s when you know it’s time to step back and say maybe I don’t want to do this.”

Consumer Reports created a list of best practices for users and shoppers to follow before downloading a new app:

  • Check for grammatical or punctuation errors in the email.
  • Don’t allow access to your location or social media profiles.
  • Only download from a verified company or source you trust.
  • Search online to read reviews of the app.

Text Message Rip-Offs

During the holiday season, cyber scammers will send out text message blasts to a list of random numbers hoping to steal sensitive information. Users who receive text messages regarding gift cards or major retailer coupons should use caution.

In the text message, scammers encourage users to click an embedded link to redeem their prize. Once clicked, users will enter a website prompting them to provide sensitive information. The fake website may look legitimate, but it is just another way for shoppers to fall for holiday cyber scams.

Check out this list of best practices to avoid text message rip-offs:

  • If you did not sign up for text message alerts from that retailer, then it is probably fake.
  • Check for grammatical or punctuation errors in the text or email.
  • Check the web address in the text message for legitimacy.
  • Block the number if you do not recognize it.

Phishing Email Scams

Like text message rip-offs, holiday cyber scammers can also promise gift cards or major retailer coupons prompting users to open phishing emails. Users will be redirected to a fake website once the email link is clicked. Once again, this is an attempt to steal sensitive information.

“Consumers should remember that urgent requests for personal information or calls for immediate action are almost always a scam,” according to Bank of America on Fox News.

Major retailers like Amazon urge shoppers to report suspicious activity and encourage users to never engage with or click to open attachments regarding orders shoppers did not make.

“Amazon will never send you an unsolicited e-mail that asks you to provide sensitive personal information like your social security number, tax ID, bank account number, credit card information, or ID questions like your mother’s maiden name or your password,” Amazon confirmed on its website.

Think Twice Before You Click

This holiday season, TechKnowledgey encourages shoppers and users to think twice before clicking. Holiday cyber scams run rampant during this time of year and no one is 100% safe. Network security and smart online shopping can help mitigate some of these cyber threats. Shop safe and have a great Christmas!