Are You Accidentally Buying Holiday Gifts for Cyber Criminals?
November 29, 2022 | Cyber Security, Knowledge Base
The holiday season of 2022 is pleasantly different for most people across the globe. First time in three years, everyone is looking forward to spending time the way they used to pre-pandemic.
Restriction-free holiday seasons mean increased footfall at the local brick-and-mortar stores and online. However, retailers are just one group working around the clock to meet the needs of their customers and make record-breaking profits. The hacker community is head-to-head with the retailers in terms of attracting their "target audience" and going to extra lengths in achieving their "objectives."
For both retailers and threat actors, YOU are the golden TARGET.
"Cyber actors aren't making the same holiday plans as you," said the CISA and the Federal Bureau of Investigation (FBI) in their joint statement right before American thanksgiving last week.
Threat actors know how to play with your emotions, especially during the holiday season. The hunt for a perfect gift, the quest for the best deals, the weeks in advance buying, last minute purchases … they know it all.
To keep the festive cheer alive, look for the top 4 holiday scams that will keep cyber creeps out of your celebrations this holiday season.
The Four Holiday Scams to Look Out For This Holiday Season
Threat actors can create a massive payday out of an ordinary weekday; think of how well they can do during the Holiday season. It is the time of the year when emotions run high, and impulses get the best of us and make us innocent targets for threat actors.
Physical Gift Card Tempering Scam
Many profitable gift card scams have been around for a very long time. Physical gift card tempering is the most common gift card scam making the rounds locally in and around Toronto this year.
For many years, threat actors have become surprisingly clever in tampering with physical gift cards. With a combination of malware, brute force, and phishing attempt, threat actors can manipulate the gift cards so that when the gift card is live, they can pull the funds out of the gift card. In this scenario, the retailer has the proof of loading the funds on your gift card, and you have proof of funds pulled out of your bank account, but the money is nowhere to be found. Sometimes, the retailers understand the situation and reimburse you with cash. But there are cases where the retail staff has no authority over the situation, and you run the risk of losing your money.
Solution to Physical Gift Card Tempering scam: Buy the gift cards online from reputable sellers. When you receive a gift card, change the pin as soon as it is activated.
Non-Payment And Non-Delivery Scam
Most of us have become complaisant with online shopping for our everyday essentials and holiday shopping is no exception. Why wouldn't we? No driving on busy streets, no dealing with aggressive parking maneuvers, no line-ups and free returns.
However, the FBI is warning online shoppers to beware of the two most common scams from 2021 that they expect an influx in 2022 – non-delivery and non-payment crime. A non-delivery crime is when you pay for a product, service, or subscription online but receive nothing in return or receive something of far less value than what you paid for.
Non-Payment crime is when a seller is waiting to ship or has shipped their product to the customer but hasn't received the payment yet. These crimes can be executed with the help of Business Email Compromise and social engineering cyber-attacks.
Solution to Non-payment and non-delivery Crime: Purchase online items from reputable sellers and opt into pick-up from your nearest pick-up location. This will eliminate the argument of whether the delivery was stolen, lost, or never shipped.
Most of us are in the spirit of giving during the holiday season. While our heart is in the right place, some threat actors take advantage of our emotions and notoriously steal our money in the most creative ways, such as Charity Scams.
Seniors are commonly prone to being victims of charity scams. Threats actors apply the same outreach techniques to reach out to their victims as the real charitable organizations, so it becomes increasingly difficult to identify the bogus donation attempts from the real ones.
Solution to charity scams: We you are approach by a reputable charity via email, text, phone call or direct mail, go directly on their official website initiate the donation process by giving them a phone call and avoid clicking on links, scanning QR codes or giving credit card information over the incoming phone call.
Big Brand Promotion Scam
One of the most common holiday phishing attempts are made under the impersonation of prominent and well-known brands like Apple and Amazon. The bait is usually a too-good-to-be-true offer like 'win a free apple phone' or 'win a $500 gift card'. Big Retail Promotion Scam threat activity is generally triggered via text messages and emails, where you'll be asked to click a link and share your personal information.
These threat activities are often designed for you to make an impulsive decision by using language like 'you are the lucky one' or 'you have been chosen to be' to make you feel exclusive and special.
Solution to big brand promotion scam: Know that if big brands like Apple or Amazon are giving away free products they will market the promotion well and you will know about it from credible news sources. Secondly, go on their official website or Social Media accounts to confirm if a certain contest/ promotion is on-going.
Have you come across any of these cyber-attacks? Let us know.