Not So Merry: The 12 Scams of Christmas

This notice is archived content and this information may no longer be accurate.

With the holiday shopping season geared up, consumers are crowding stores or firing up their mobile devices to get a great deal. But watch out for these dirty dozen ripoffs!

1. Not-so-merry apps. With every shopping season comes a new wave of mobile apps vying for the opportunity to help you locate the best deals in town, or seasonal versions of popular games. Tread carefully: These apps are often fronts for a data-stealing Trojan.

2. Mobile SMS scams. Never click links in unsolicited text ads or provide your mobile number to random websites; scammers will sign you up for expensive services or convince you to download malicious apps.

3. Hot holiday gifts. Con artists will offer too-good-to-be-true deals on hot items such as new video games. Don’t be fooled!

4. Seasonal travel. Cybercriminals often advertise bogus travel deals in hopes of stealing your credit card number.

5. Dangerous e-cards. Did you get an e-card from an unknown sender? It may be laced with malicious links or attachments.

6. Deceptive games. Buy all games from reputable websites; scammers take popular titles, wrap them in malware, and sell them to the public at a low price.

7. Sham shipping. Con men send out fake delivery notices to trick victims into clicking malicious links.

8. Bogus gift cards. Always buy these cards directly from retailers.

9. Holiday SMiShing. Scammers steal sensitive information by sending text messages, supposedly from a bank or financial institution.

10. Fake charities. If you plan on giving to those in need, verify that the charity is legitimate.

11. Romance ripoffs. Scammers set up profiles on dating sites, then dupe victims into sending them cash—supposedly to buy gifts for their mom or kids.

12. Phony e-tailers. Cybercriminals set up fake websites, then drain your cash and personal information.

Watercooler Stories

Mobile Security Breaches Hit Two-Thirds of Businesses Last Year
Mobile security breaches have affected 68% of global organizations in the last 12 months, according to a new study. And over half of all U.S. organizations (54%) are more concerned about mobile breaches in the next 12 months than in the previous year. In not-unrelated news, the survey also revealed the growth of the bring your own device (BYOD) movement is very high, with 98% of U.S. employers now allowing employees to use these devices for work purposes. Researchers said that in this environment, device security is falling by the wayside.

Study: Realistic Looking Phishing Sites Work Nearly Half the Time
New research co-sponsored by Google indicates that when attackers carefully craft phishing attacks, their results can be shockingly successful. The study found that when phishing websites look legitimate and realistically imitate genuine sites, they have a 45% success rate at harvesting data. This drops to 14% for an average-looking imitation, and all the way down to 3% for a more obviously fake version. Experts have long warned that phishers’ growing sophistication and ability to mimic legitimate websites pose a massive security risk to consumers and businesses alike.

Keyless Cars Increasingly Targeted by Thieves Using Computers
Law enforcement agencies and automotive trade groups warn that gangs of organized criminals are increasingly targeting high-end cars with keyless security systems. The thieves bypass security using equipment intended only for mechanics. Naturally, manufacturers are trying to stay ahead by updating their software. In keyless entry and ignition systems, drivers keep a fob on their person that automatically opens the car and activates it. As the popularity of such systems increases, criminals have been buying equipment that can reprogram the fobs.