Stay safe online during the festive period, and don’t fall for these common Christmas scams.

Attending nativities, ordering Christmas turkeys, sending Christmas cards, trying to remember where your emergency stools are, and buying everybody that perfect present. There’s a lot to think about in December. And because of this, December is a peak time of year for cyber fraud.

Whether you celebrate Christmas, Hannukah, Kwanzaa, or not, chances are you’re going to do some online shopping this month. Consequently, you’re vulnerable to Christmas scams. Cybercriminals take this eventful and demanding time to boost their efforts to con unwitting victims out of money, or personally identifiable information.

What is a Christmas Scam?

Christmas scams are fraudulent attempts made during the month of December. Criminals target online shoppers with the goal of stealing credit card details, passwords, or personally identifiable information. Once the criminals obtain this information, they take control of a victim’s money or worse, their identity. 

To help you stay safe online this holiday season, we’ve compiled a list of the top 6 Christmas scams to be aware of. It’ll help you be better prepared, so you can focus on what’s most important at Christmas – those that matter to you the most.

1. Fake websites

It’s harder to spot a scam website than you might imagine. Cybercriminals will use professional web designers to closely imitate the way a legitimate website looks, so you need a keen eye to ensure you spot the fakes.

The easiest way to spot a fake website is to look at the URL. Is it spelled correctly? Often, fraudsters will use URLs that are very close to a real site’s URL, but not quite the same. Often, one letter will be incorrect or there will be extra words in the URL. For example, www.google.com could become http://www.googie.com/. This could easily be misread for the correct website address.

You should also look for a padlock icon in the address bar. Click the padlock and look at the drop-down menu that provides information, such as whether the site has a valid SSL certificate and other site settings. It will also tell you if your connection is secure, and therefore whether your information is safe when input on the site.

Remain vigilant with every site you shop on. These checks can identify a lot of fake sites, but not all of them. Cybercriminals have been able to replicate these padlocks or take over legitimate sites that have them too.

2. The travel scam

As soon as the sun sets on Christmas day, we start thinking about getting away, causing thousands of people to book holidays for the year ahead. In fact, the first Saturday of the New Year generally sees more holiday bookings than any other day of the year (Tui).

Enter cyber criminals, aiming to take advantage of this flurry of online activity. They create phishing scams to appear as fantastic holiday deals – but instead designed to get hold of your personal and financial information.

To avoid this, ensure that you’re purchasing your flight tickets or accommodation from genuine websites and companies you’re familiar with. Avoid clicking any links in promotional emails or messages, instead going directly to the official website, and finding the deal there. 

3: Fake delivery scams

Are you waiting for a gift to arrive in the post? Most people are during December.  Sometimes, you’ll get a text or email letting you know that your parcel is on its way. But you can’t always trust these messages.

When an ‘official’ email or text arrives in your inbox, it may state that a delivery attempt was made or that your parcel is being held at the depot. The message might provide a phone number to call, or link to click so you can make a small payment to get your package re-delivered.

Don’t respond to them.

These are phishing messages that intend to acquire your credit card details to steal your money, or to commit identity fraud.

They are rapidly growing in popularity with fraudsters, so again, remain vigilant. If you are expecting a parcel to be delivered, check directly with the company you ordered from. Most won’t charge you to redeliver a parcel if the first attempt was unsuccessful.

4: Parent or grandparent scam

Cybercriminals have no remorse for who they attack, which is why they often target those who are the most vulnerable, including the elderly.

A new scam that has been making the rounds recently is one that targets parents and grandparents. A text message arrives on the victim’s phone, claiming to be a grandchild or child in need of money. They use friendly, believable language, often stating that their phone is broken and they’re having to use a temporary number. The ‘child’ will then ask for money.

As this is a lesser-known scam, it can be easier to fall for. If you receive a suspicious text, do not reply. Instead, contact the family member on their real number to double-check the facts.

5: The job advert scam

Around the festive season, thousands of people are eagerly hunting for job opportunities to earn a little extra Christmas cash. Unfortunately, this opens another opportunity for cybercriminals to take advantage of people and their assets.

In this scam, fake employees offer job opportunities that require you to pay upfront fees for training or request all your personal details to withdraw money from your account. Here are some signs that the job you’re applying for might be fake:

• The salary is high, yet minimal experience is required
• There is pressure to start immediately
• You’re asked for money upfront, for training or uniform
• The job advert has poor spelling or grammar

Avoid becoming a victim of a job alert scam by being sure to only apply for jobs through reputable sources, and never give out your information to a prospective employer before you’ve had a chance to verify their identity.

If you’re asked to make an upfront payment, walk away – it’s a scam.

6: The e-card scam

Receiving a Christmas card is lovely. But receiving one from a cybercriminal could leave you financially insecure.

Despite usually coming from a friend, colleague or family member, e-cards are often forwarded from another source. The original source may not be reliable, and the e-card may include links, images or videos that encourage you to download something.

Don’t click these links – it’s generally malware. Designed to steal confidential information stored on your computer or mobile device, it’s not a gift you want to receive this season.

Top Tips to Stay Safe Online at Christmas

The National Cyber Security Centre (NCSC) has provided five simple tips to help you protect yourself from online scams this winter.

1. Keep your accounts secure: use strong and different passwords for your most important accounts, using random words.
2. Be aware of emails/texts/websites that look too good to be true or suspicious: many cyber criminals use fake messages to steal information.

3. Choose carefully where you shop: ensure the websites you use are legitimate and avoid clicking any links you’re unsure of.
4. If possible, use a credit card for online payments: this helps to protect a refund of an online purchase. 
5. Only provide the essential details needed for the order: only fill in the mandatory fields.

This Christmas, stay extra vigilant about your online activity. If you’d like more advice on how you can avoid Christmas scams and secure your business or staff this festive season, contact us today.