As the seasons change, so do the tactics of scammers, with the UKs National Cyber Security Centre revealing UK shoppers lost £11.5m last Christmas.
Take the current surge in scammers targeting UK citizens with “winter heating allowance” texts as the cold weather draws in. The scam asks them to visit lookalike government websites which collect their personal information and payment details in the hope of receiving cost of living payments.
And with only a few weeks until Christmas, scammers are now beginning to adjust their tactics to prey on the generosity, financial stress, and urgency that many feel at this time of year.
What to watch out for to avoid seasonal scams
Christmas-themed downloads: Think screensavers, apps, or ‘free’ software - these can all carry hidden malicious software (malware) that aims to compromise your device and / or steal sensitive information.
Fake retailers: Attackers create fake websites and apps to mimic legitimate companies with deals that seem too good to be true, hoping visitors unknowingly enter their personal and payment information.
The security of internet connected devices: Before you purchase devices like smart speakers, connected toys or wearables, see if you can change the default security settings, which make them vulnerable to hacking.
Fake charities: Scammers can set up fake charity websites or impersonate known charities, asking for donations, particularly around Christmas when people are in a giving mood. These scams can trick people into sharing personal and financial details.
Festive e-cards or Christmas-themed attachments: Party invitations can be embedded with malware, infecting devices once opened. Remember, even emails coming from known contacts should be treated with caution as their email may have been hacked.
Hacking accounts: Services like PayPal, or Apple Pay are frequently used for gift purchases, and attackers exploit weak account protections (lack of multi-factor authentication or reused passwords) to hack into these accounts and steal funds.
Gift card fraud: Scammers often target gift cards, either by selling counterfeit ones online, claiming you’ve won a gift card, or by hacking accounts to use stored gift card balances.
Parcel delivery scams: What better time to send parcel delivery phishing emails when we are all waiting for our Christmas shopping? Scammers send fake notifications from delivery companies (like Royal Mail), asking recipients to pay a fee to release their package or asking for personal information.
Fake holiday rentals and travel deals: Scammers create fake listings for holiday homes, Christmas cottages, or travel deals. Victims pay deposits or full amounts, only to find the listing doesn’t exist, or they arrive at the destination to find no accommodation.
Steps to keep your personal information secure
- Verify URLs before entering your payment details - a quick Google search can often show if a company is legitimate.
- Enable Multi-Factor Authentication wherever you can.
- Change default security settings for any new toys and keep your devices and software updated with the latest security patches.
- Be cautious of requests for your information whether they’re made through email, text or phone calls.
- Check your bank statements for unauthorised shopping transactions.
- Remind your loved ones of scams, particularly those more vulnerable like older relatives.
Don’t let scammers and fraudsters put a dampener on your festive spirits. Stay aware and stay safe.
