As technology advances and criminals get more creative with identity theft practices, new waves of holiday scams are cropping up that can compromise the good cheer of the season. In fact, a 2012 Federal Bureau of Investigation release revealed that shoppers are particularly vulnerable to cyber crimes over the holiday season because victims are likely to let their guards down to help others.
Whether online or in store, you can safeguard yourself from these potential credit report nightmares by recognizing the warning signs of fraudulent activity.
Here are five of the most popular Christmas scams to watch out for this year.
1. Shipping Notification Scam
Shop.org predicts online sales will amount to as much as $105 billion this holiday season. Those who choose to shop online will be susceptible to this scam, as it targets shoppers who require delivery of their purchases by distributing shipping notifications and confirmations that are actually phishing scams.
How it works:
Potential targets receive an email that contains falsified shipping information, often from a popular delivery company like DHL, UPS or FedEx, or a major retailer like Amazon. There are a few variations to this holiday scam, such as a “delivery failure notification” message that suggests that a company tried to deliver a package while you were out.
Typically, there’s a file attached to the message, which is one of the biggest indicators that you’ve just received a fraudulent phishing email.
Unknowing recipients click on the file, initiating a virus download that aims to phish (i.e. scan) through their computers. During this phishing stage, sensitive information such as bank account numbers and passwords can be collected. Some viruses even go so far as to hijack access to computers, which can only be returned after a payment is made. The FBI reports that this type of “ransomware” has experienced a resurgence of late.
2. Mobile App Scam
This season, long road trips to get to holiday gatherings compel many smartphone users to download new apps to stay entertained during the commute. The danger, however, arises when insufficient research is done before downloading a new mobile app. After it all, smartphone users find that innocent-looking apps were the vehicles by which criminals wirelessly swiped credit card information for fraudulent use.
How it works:
Malicious mobile apps are created with a technology known as near field communication (NFC) encoded into the app. This allows two NFC-capable devices to share data with one another; the problem is that some credit cards have built-in NFC technology.
The tainted app continues to scan for credit card information in the background, even when the phone isn’t in use. Then, when a compromised smartphone is put in close proximity to a wallet, it collects credit card credentials and emails it to the perpetrator.
Criminals then use this information for purchases online and even in stores that have a tap-and-go payment device. To avoid becoming a victim of this sophisticated form of online identity theft, research the developer beforehand by verifying that its website is legitimate and reading through user reviews.
3. Text Message Scams
This type of identity theft fraud is conducted via Short Message Service (SMS), commonly known as text messaging. Referred to as “smishing,” or SMS phishing, this scam tricks cellphone users into handing out their banking information under false pretenses.
How it works:
As with any scam, this particular ploy operates under a number of guises. Some suggest that you’ve signed up for a service that will cost some amount of dollars if you don’t cancel the subscription by clicking through to a link in the message. Others might assume the identity of your bank and ask you to “verify your PIN” to reactivate your debit card.
Ultimately, victims end up giving their information to perpetrators, or downloading a Trojan that tracks and stores all activity on the device. If you’ve received an unsolicited text message like the examples described above, forward it to 7726 (or SPAM). This will direct all suspicious messages to your cellular provider and initiate an investigation.
Next you should immediately delete the message after you’ve reported it, but make sure not to respond to any prompts like “text message STOP” to end the messages. Doing so will alert spammers that the number is, in fact, active. For added peace of mind, call your bank to alert it of the incident.
4. Charity Scams
Although it’s easy to be focused on holiday gifting this time of year, it is more importantly the season of giving. Relentless crooks, however, use charities as vehicles for their own gains through solicitous emails and fake charity websites.
How it works:
An unsolicited email is sent en masse as fraudsters wait for who’ll take the bait. The message often tells a harrowing narrative that’s believable and tied to a real natural disaster. At the end of the email, the sender requests a temporary loan from the would-be victim, with the promise to repay it as soon as the sender gets home.
Recipients are encouraged to wire the funds via Western Union or MoneyGram, only to find that the individual on the other end of the computer screen just got away with their cash. This emotional appeal also takes the form of an email soliciting donations under a well-known charity organization, like the Red Cross.
“We are inspired to give following tragedies, but sadly these events also inspire scammers to take advantage of our generosity,” said Julie Wheeler, president and CEO of the Better Business Bureau Serving Western Virginia. “If you’re giving, do your homework first. Know who you are giving to and know where your money is going.”
5. Gift Card Scams
The National Retail Federation found that 80 percent of adults plan to purchase at least one gift card this holiday season; however, this commonly gifted item has recently been used as a tool to drain the holiday spirit.
How it works:
Rip Mason, CEO and director of LegalShield, a legal services and identity theft protection provider, explained how thieves get away with this scam.
“The way these scams work is that a lot of retailers will display their gift cards at the checkout aisle or leave them out in the open for consumers to browse through,” Mason said. “This makes them vulnerable to thieves who take the cards, obtain the pertinent numbers listed on them and then place them back on store racks.
“Afterwards, the thieves electronically track the gift cards and wait for money to be activated. Once a customer adds money and activates the card, the thieves promptly drain the funds electronically, leaving the person receiving the gift card with a balance of zero and dismay at the checkout aisle.”
To avoid having you and your gift recipient become a victim of this simple, yet relatively unknown holiday scam, Mason recommends the following tips:
- Be suspicious of and avoid buying any gift cards that are in packaging that appears to be tampered with.
- If a retail outlet keeps its gift cards out in the open and not in any packaging, ask the clerk or manager if he has any gift cards behind the counter or in the back of the store.
- Only purchase gift cards from trusted retailers or their websites; avoid purchasing them from third party vendors you aren’t familiar with.
There is no surefire way to avoid becoming a victim of holiday scams, but by staying knowledgeable about popular schemes, you can reduce the likelihood of fraud and identity theft.