The 12 Scams of Christmas

Email this| Posted Nov 30th 2009 4:00PM by Jeanne Sager

Holiday shopping means watching out for cyber scams. Credit: Don Hankins, flickr

Thanks to repeated playing at the mall on Black Friday, you've got the lyrics to "12 Days of Christmas" ringing in your head. Forget them -- it's time to learn the 12 Scams of Christmas. Your wallet will thank you for it.

Coming out of computer security company McAfee, it's no surprise cyber crime is a major concern, but it isn't just their business. The U.S. Bureau of Justice estimates cyber crime accounted for $246 million in losses for Americans in 2008.

Where it's cropping up might surprise you -- take scam number 7, Christmas carol lyrics? Turns out the "12 Days of Christmas" is more than a physical headache.

Courtesy of McAfee, here's what you need to look out for:

Charity Phishing Scams – Be Careful Who You Give To: During the holiday season, hackers take advantage of citizens' generosity by sending e-mails that appear to be from legitimate charitable organizations. In reality, they are fake Web sites designed to steal donations, credit card information and the identities of donors.
Fake Invoices from Delivery Services to Steal Your Money: During the holidays, cybercriminals often send fake invoices and delivery notifications appearing to be from Federal Express, UPS or the U.S. Customs Service. They e-mail consumers asking for credit card details to credit back the account, or require users to open an online invoice or customs form to receive the package. Once completed, the person's information is stolen or malware is automatically installed on their computer.
Social Networking – A Cybercriminal "Wants to be Your Friend": Cybercriminals take advantage of this social time of the year by sending authentic-looking "New Friend Request" e-mails from social networking sites. Internet users should beware that clicking on links in these e-mails can automatically install malware on computers and steal personal information.
The Dangers of Holiday E-Cards: Cyber thieves cash in on consumers who send holiday e-cards in an effort to be environmentally conscious. Last holiday season, McAfee Labs discovered a worm masked as Hallmark e-cards and McDonald's and Coca-Cola holiday promotions. Holiday-themed PowerPoint e-mail attachments are also popular among cybercriminals. Be careful what you click on.
"Luxury" Holiday Jewelry Comes at a High Price: McAfee Labs recently uncovered a new holiday campaign that leads shoppers to malware-ridden sites offering "discounted" luxury gifts from Cartier, Gucci, and Tag Heuer. Cybercriminals even use fraudulent logos of the Better Business Bureau to trick shoppers into buying products they never receive.
Practice Safe Holiday Shopping – Online Identity Theft on the Rise: Forrester Research Inc. predicts online holiday sales will increase this year, as more bargain hunters turn to the Web for deals. While users shop and surf on open hotspots, hackers can spy on their activity in an attempt to steal their personal information. McAfee tells users never to shop online from a public computer or on an open Wi-Fi network.
Christmas Carol Lyrics Can Be Dangerous – Risky Holiday Searches: During the holidays, hackers create fraudulent holiday-related Web sites for people searching for a holiday ringtone or wallpaper, Christmas carol lyrics or a festive screensaver. Downloading holiday-themed files may infect one's computer with spyware, adware or other malware. McAfee found one Christmas carol download site that led searchers to adware, spyware and other potentially unwanted programs.
Out of Work – Job-Related E-mail Scams: The U.S. unemployment rate recently spiked to 10.2 percent, the highest level since 1983. Scammers are preying on desperate job-seekers in the poor economy, with the promise of high-paying jobs and work-from-home moneymaking opportunities. Once interested persons submit their information and pay their "set-up" fee, hackers steal their money instead of following through on the promised employment opportunity.
Outbidding for Crime – Auction Site Fraud: Scammers often lurk on auction sites during the holiday season. Buyers should beware of auction deals that appear too good to be true, because often times these purchases never reach their new owner.
Password Stealing Scams: Password theft is rampant during the holidays, as thieves use low-cost tools to uncover a person's password and send out malware to record keystrokes, called keylogging. Once criminals have access to one or more passwords, they gain vast access to consumers' bank and credit card details and clean out accounts within minutes. They also commonly send out spam from a user's account to their contacts.
E-Mail Banking Scams: Cybercriminals trick consumers into divulging their bank details by sending official-looking e-mails from financial institutions. They ask users to confirm their account information, including a user name and password, with a warning that their account will become invalid if they do not comply. Then they often sell this information through an underground online black market. McAfee Labs believes cybercriminals are more actively scamming consumers with this tactic during the holidays since people are monitoring their purchases closely.
Your Files for Ransom – Ransomware Scams: Hackers gain control of people's computers through several of these holiday scams. They then act as virtual kidnappers to hijack computer files and encrypt them, making them unreadable and inaccessible. The scammer holds the user's files ransom by demanding payment in exchange for getting them back.

Loufus 12-01-2009 @ 4:52PM

Whoever wrote this article has no idea what hacking is. Sending a fake email is not hacking, offering a fake job is not hacking, and pretending to be from a charity is not hacking. Half these could be thwarted with any decent antivirus, and the other half with some common sense.

Sammy 12-01-2009 @ 5:23PM

They are just trying to be nice and let people know what to look for. Not everybody is computer literate, and some people probably need this advice. Chill out.

Meggy's 12-01-2009 @ 5:22PM

what the hell are you talking about . the article is talking about holiday scams retard! don't say something unless you are absolutely sure you know you are right..

jakey 12-01-2009 @ 8:56PM

"what the hell are you talking about . the article is talking about holiday scams retard! don't say something unless you are absolutely sure you know you are right.."
@Meggy -> "hackers take advantage of citizens' generosity," "hackers can spy on their activity," "hackers steal their money," "Hackers gain control of people's computers." ahh irony. and indeed none of this is "hacking," and the line about an underground online black market was priceless.

ArmyWife 12-01-2009 @ 5:09PM

It didn't say the article was about the 12 holiday hackings, it said the 12 Holiday SCAMS!!! all the above mentioned is scams... The title says it all

geneskillet5 12-01-2009 @ 5:13PM

I hope people will start carrying something….anything like at least a Pepper Spray for protection. This website was created after the tragic Virginia Tech School shooting to help people protect themselves and their families and is responsible for saving several lives since starting in 2007. It has a wide variety of Pepper Sprays, Stun Guns, Tasers and many other Home and Personal Security Products! ( Http://AntiBadGuy.com )

Pizzt 12-01-2009 @ 6:13PM

Oh look, a scam! How nice of you to spam post in here to give us a real, live example!
Thanks botter! lol

geneskillet5 12-01-2009 @ 9:08PM

I am not a bot. I seriously care about people being able to protect themselves. I have seen and heard to many horrible stories and I hope maybe I can help prevent innocent people from being violated in the future. I wish you well.

margaret harris 12-02-2009 @ 1:15AM

Okay - I admit I am still new to all the computer stuff - but, I'm really lost here! What do these "products" you've mentioned have anything at all to do with the original subject of this article?

jbjg24m 12-01-2009 @ 6:41PM

i have never ordered anything online nor do i intend to ! never pay bills online either. still use my checkbook and the US MAIL !

sam 12-01-2009 @ 7:34PM

Wow jbjg24m....112 are you? You seem to be so unjustly proud of being in the last century.

geneskillet5 12-01-2009 @ 9:12PM

Paypal is the company that processes all orders for this website. In case you are not familiar with Paypal they protect the customer completely. You cannot be scammed by a company who accepts Paypal just so you know. ( Http://AntiBadGuy.com )

marg 12-02-2009 @ 1:57AM

Sam - that's just rude and mean to make that comment.

Rob 12-01-2009 @ 6:43PM

Well, you can tell it's almost Christmas; everyone is on edge, cutting people to pieces.
I'm going to lock myself in the house until after the first of the year.

Frank 12-01-2009 @ 7:31PM

If someone encrypt's your files and then asks for ransom, how do you pay them? if you give them a credit card they will certainly take more than the asking ransom, you send a check they have your check number and then can duplicate it....dunno?

jbjg24m 12-01-2009 @ 7:57PM

hey Sam .when your pc gets hijacked and somebody gets to your personal checking account , don't start crying about it to anybody but your self! idiot !

carol424 12-01-2009 @ 7:59PM

I think everyone needs to read it the right way. There is scams and virsues everywhere on the computer. You just need to have a good security software to fight the bad things that happen to bug your computer. I think you all need to enjoy the holidays while we are alive and well. Just use your head in the situation. What if we did not have any of the things we have now and still live out of he 40's! Think about it. Be happy and be careful.

marg 12-02-2009 @ 2:05AM

well said

Bruce Chadwick 12-01-2009 @ 9:21PM

Its all good advice,I do bank online,and buy online,the key to buying online is get a pre pay credit card,just load what you need,this way who cares if they get ahold of it,theres no money to be lost.