The season of goodwill is upon us – and cyber criminals are rubbing their hands in anticipation at how to take advantage of our generous festive feelings.
On the eve of Cyber Monday, the nation’s biggest online shopping day, The Mail on Sunday reveals the 12 online scams of Christmas – looking at the most likely ways that thieves will try to empty our bank accounts.
1. Cyber Monday ID swindle
There is nothing like a day of frenzied online shopping to get the fraudsters out in force – hoping you lose your head in the search for a bargain.
Bad Santa: Cyber criminals are rubbing their hands in anticipation at how to take advantage of our generous festive feelings.
If you get an email from an online shop offering a Cyber Monday deal be wary. Tap the website details into an internet search engine to see if others have reported it as being dodgy.
Cheats want your ID – name, address, date of birth, bank details and password. Armed with this data, they can log on to websites and spend your cash.
2. Missing parcel fraud trap
If you arrive home to discover a card sitting on your doormat explaining that a parcel has been left in the porch – but find nothing there – you could be a victim of this scam.
Unbeknown to you a criminal may have hacked into one of your shopping accounts – Amazon for example – and gone on a spending spree using your debit or credit card details. Your details may have been stolen as a result of ID theft.
If you are signed up to a one-day delivery deal, often the criminal will know when to expect the order and be sitting outside your home in a car waiting to pick up the delivery. They might politely intercept the postman – or take the items put in a safe place where they have asked goods to be left.
3. Fake ‘missed you’ delivery card
Even that ‘missed you’ delivery card might not be genuine, but just a criminal ploy to steal your private information.
Many fraudsters print out cards that look like they have come from Royal Mail, but they use a fake phone number asking you to call to ensure a parcel is redelivered.
Unfortunately, at the end of the line is a cyber criminal or answer machine keen to hoover up your personal information so they can pretend to be you – and go on an online shopping spree in your name.
They might use your address or alter online shopping settings to deliver goods to another property.
4. Phoney postal service email
A fraudster pretends to be from a parcel delivery firm such as DHL explaining in an email that an attempt to deliver a parcel to your address has been made but no one was in.
To rearrange delivery you are asked to download a reference number. Attached to the email is a file that if opened downloads a computer virus on to your computer that steals personal details stored on the hard drive.
5. ‘Trojan horse’ malware attack
There is nasty software out there – known as malware – that can infect your computer with a virus and steal personal details while pretending to be your friend.
Because of concerns over cyber attacks at this time of year, many people click on pop-up windows that appear on their computer screen offering free security software. The irony is that the pop-up is often from a fraudster pretending to defend you when they are only interested in stealing your personal details. In the computer world, it is known as a ‘Trojan horse’ attack.
6. Man-in-middle harvesting
Be wary of using public wi-fi in places such as coffee shops because you could be a victim of ‘man-in-the-middle’ crime.
This involves criminals sending out their own copycat wi-fi signal from a special black box gadget that you latch on to by accident. They then spy on what you are doing – and harvest all your private information, including card payment details and passwords.
It often involves sending you a fake copy of a real website, such as the Amazon shop.
The result is that you end up tapping in private information directly to the criminal.
7. ‘Phishing’ with a discount hook
So-called ‘phishing’ expeditions try to lure you in with a hook – perhaps a £10 discount voucher from an online shop such as Amazon.
When you provide personal details to verify you are eligible, a fraudster uses your private information to go shopping on that website or go spending elsewhere.
Phishing is the term used for when an email is received that pretends to be from someone else.
8. Password theft by hackers
A key target for an online thief is your password. Once a fraudster has this you are particularly vulnerable as they can unlock a variety of online accounts and go shopping at your expense.
Over Christmas you are less likely to be keeping tabs on where money is coming and going – so are more vulnerable. Unfortunately, juggling passwords is a tricky business – which is why so many of us have easy-to-remember ‘weak’ codes.
A third of us use maiden or pet names and dates of birth as part of a password – something a hacker will try. Use a random mix of numbers and letters.
9. The dark web ‘long-lost friend’
People increasingly send seasonal greetings via email rather than card – occasionally as attachments with festive online messages.
But just because you recognise the name of the apparent sender does not mean you should automatically open the web page attachment – it could be a trick and include a computer virus.
Crooks often buy personal details of people off the so-called ‘dark web’ – illegal websites – to find targets. This can include a list of contacts that might include you. Attachments often have names that comprise gibberish letters and numbers.
10. Bogus ‘copycat’ website trick
Fraudsters steal money through bogus websites. You pay for a service that you will never get. The website may look official but the final suffix letters often give the game away. If you are looking forward to a short Christmas break you might consider using the room booking service Airbnb. In the past, cheats have used suffixes such as ‘co.com’ rather than the real ‘co.uk’. An ‘https’ prefix is much better as it is more secure than an ‘http’ address.
11. Brazen charity donation cheats
Fraudsters take advantage of seasonal goodwill by pretending to be charities – sending fraudulent emails directing you to bogus websites. The Charity Commission has a list of all good causes and their contact details. So check any emailed details against the Commission’s list.
12. Counterfeit goods rip-off
Even if you use a reputable website for shopping it still does not mean you have escaped the fraudsters – as you might be sent rip-off goods. If the price of an online gift looks ridiculously low you could be buying counterfeit goods.
Some websites dress themselves up to look like official selling sites for luxury brands such as Gucci. Again a suffix such as co.com should send an alarm bell ringing.
Some links in this article may be affiliate links. If you click on them we may earn a small commission. That helps us fund This Is Money, and keep it free to use. We do not write articles to promote products. We do not allow any commercial relationship to affect our editorial independence.
Source link