Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Watch out for these 3 holiday shopping scams

Jen A. Miller | Nov. 27, 2014
The holiday shopping season is also the holiday scamming season. Whether you shop online or at the mall, be mindful of these three types of scams.

holiday scams
Credit: Thinkstock

'Tis the season to be scamming.

It's no secret that Americans are about to spend a lot of money during this upcoming holiday shopping season. Holiday sales are expected to hit nearly $617 billion this year -- this after consumers spent $2.29 billion on Cyber Monday alone in 2013.

That's a big pile of money and credit card numbers and passwords and logins for scammers to jump into, whether through point of sale hacks or phishing scams that go beyond just email.

"It will really be more of the same," says Jerry Irvine, CIO of Prescient Solutions and a member of the National Cyber Security Task Force.

Here's what to expect for holiday shopping 2014.

Phishing in All Waters
Not only will consumers get fake emails, they'll get fake targeted emails. That's because victims of big retail and bank hacks are still possible victims if their email addresses were stolen.

"If I got something from a lady's clothing store, I wouldn't click on it, because I don't shop there," says Irvine, who calls this practice spear phishing. "But targeted attacks to people with known accounts and environments make [preventing this] event more difficult."

So customers of companies that have been hacked could get fake emails from those same retailers or banks and click on them because they think they're safe -- especially since they're probably getting promotional emails from them anyway around the holidays.

Social media represents another possible phishing scene, says Gary Davis, chief consumer security evangelist at McAfee/Intel Security.

"Social media sites are great places for companies large and small to create targeted promotions, but [they're] also a great place for scammers to post phony promotions aimed at grabbing customers information and money," he says.

For example, scammers spread fake promotions for gift cards by asking consumers to click on a Facebook post if they want a gift card. That link then takes them to a scam page. "Once you click on the link and arrive at the scam page, you're asked to 'share' the promotion by clicking on a 'Like' button that automatically posts to your wall with the scam," Davis says. "You are then offered a choice of surveys that ask for your personal information."

Finally, security experts warn consumers to look out for phishing emails from Amazon, eBay and airlines. Hackers are taking advantage of online shopping habits, as well as the uptick in travel during the holiday season, to trick people into clicking on rogue links or downloading attachments.

Hackers Still Hacking Familiar Targets
We still haven't seen the last of point-of-sale hacks either, says Davis. "There are just some scams that consumers can't avoid," he says. "Given that there are millions of point of sale devices at stores worldwide, it's likely [that] these devices will remain a popular target until retailers deploy new security solutions that thwart these attacks."


1  2  Next Page 

Sign up for CIO Asia eNewsletters.