Skip to content ↓ | Skip to navigation ↓

The media has been filled with news of identity theft, hacks, and other security woes as of late. In recent months, Uber was hacked, people had their financial information stolen by credit card skimmers, and one woman lost $59,000 to a fake police website.

Such incidents cause people’s stomachs to churn. They wonder how to keep their data secure and private, especially as the number of cybercrime instances continues to grow. And for people buying gifts this holiday season, the concern only increases in magnitude.

The holidays, after all, bring not only family celebrations but also identity theft and credit card fraud. Javelin Strategy & Research reports that $16 billion was stolen from 15.4 million Americans in 2016, up from $15.3 billion and 13.1 million victims in 2015.  Fortunately, you can prevent most of these things from happening to consumers, your employees, and your business with the right policies, training, and protections in place. The holiday scams and tips shared here will enhance information privacy and security both now and throughout the year.

 5 Holiday Scams to Be Aware Of

Many holiday scams tend to be iterations of previous ones. They are effective, though, and you need to be proactive to protect yourself and your business against them. Start with the following list of five common holiday scams.

  1. False Shipping Information

Many sites, such as Amazon, issue tracking information so buyers can find and follow their holiday gifts. Hackers and con artists use the habit to their advantage. They send fake Amazon, FedEx, and UPS emails with a link containing a virus hungry for sensitive data.

Solution: You should install security software on all devices, large and small, used to access any company data. Use Anti-phishing software to scan your inboxes and prevent clicks to unsafe links. It’s also important to use a credit monitoring service to monitor company purchases and help prevent sensitive financial and personal information from being stolen or exposed by hackers.

  1. Fake Holiday Greeting Cards

Some hackers adopt the identities of friends and family members to send people a cheerful holiday e-card. You click the link to view the card and instead receive malware.

Solution: View all e-cards with skepticism, even if they think the email and sender are legitimate. You and any employees should also run a virus scan on all messages prior to clicking on anything.

  1. Deceptive Websites

Hackers might have gotten away with shoddy websites in the past, but now they create fake websites almost indistinguishable from the real ones. The hackers subsequently send a holiday deal or other message—depending on the site—and wait for unsuspecting employees to click and visit.

Solution: You should avoid email links and instead type in the official website’s URL. Also look for the “https” and green padlock in your browser’s address bar to ensure the site is secure. Make sure your employees are trained to catch suspicious emails and websites.

  1. Counterfeit Mobile Applications

Because most internet users browse for goods on mobile apps, digital criminals have developed fake shopping and game applications. These apps, like the websites, look authentic. But they are nefarious, stealing personal data from users’ smartphones and tablets.

Solution: Use apps purchased or downloaded only from the Google Play Store or Apple’s App Store. Before downloading any apps, you may also want to run a quick search query. Someone else has likely downloaded the app and can confirm its quality.

For extra security at your business, you can designate what types of software employees have permission to download to their company devices.

  1. Fabricated Giving Campaigns

Charitable giving typically increases during the holidays. However, hackers and scammers use the situation to convince consumers to give to them. They use several mechanisms, including email, social media, and telephones, making this scam hard to detect.

Solution: You should never give money over the phone unless you’re certain of the person on the other end of the line, especially anything that uses company funds over personal funds. And before making any donation, visit Charity Navigator and GuideStar to confirm the nonprofit organization is approved and registered.

By raising awareness of holiday scams and implementing best security practices, you can protect consumers, your employees, and your business. More importantly, you can relax and enjoy the good things the holiday season has to offer.


Krystal Rogers-NelsonAbout the Author: Krystal Rogers-Nelson is a freelance writer and security expert who is committed to educating others about cyber security. Holding a BA in International Studies with an emphasis in globalization, she believes in making technology digestible and accessible to everyone. As a world traveler with 14 years of work experience, she specializes in writing about topics ranging from personal and financial security to travel and child safety. You can read some of her other published articles here:

Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.