McAfee reveals its annual “12 Scams of Christmas” to educate the public on the most common online scams that criminals use during the festive season. Cybercriminals take advantage of consumers shopping on their tablets, smartphones and PCs and leverage scams to steal personal information, earn fast cash, and spread malicious software. This year, Black Friday and Cyber Monday present a huge opportunity for cybercriminals looking to take advantage of consumers with clever festive-themed scams.
Online retail revenues from the Christmas shopping rush this year are expected to reach a whopping £10.8billion (IMRG), driven in part by the rise in m-commerce – 12.4 per cent of total European online sales at Christmas will come via mobile, an increase of almost 70 per cent year-on-year. With more and more Britons using smartphones and tablets for Christmas shopping, consumers need to ensure that they are taking all precautions to protect the data saved on their devices.
This period last year McAfee recorded mobile threats for Android over the 900,000 mark in the lead up to Christmas, before dropping by nearly 50% to under 500,000 in the first few months of the year. This trend is set to continue this Christmas with the amount of mobile-specific threats likely to peak to even higher numbers. In addition the first week of December sees cybercriminals open ‘the spam floodgates’ luring online shoppers with promises of amazing deals, false delivery notifications, personalised season’s greetings cards, credit card offers and more.
“As the UK gears up for the busiest online shopping days, it’s important that consumers realise that the potential for identity theft and fraud increases when sharing personal information and bank details using smartphones, tablets and PCs that are under protected,” said Samantha Swift, online security expert at McAfee. “Understanding the mindsets of cyber crooks and being aware of how they try to take advantage of consumers can help ensure that we use our devices the way they were intended – to enhance our lives, not jeopardise them.”
To help consumers remain wary of greedy ‘grinches’ as they surf the web for holiday deals and seek out gifts for their loved ones, McAfee has identified this year’s top “12 Scams of Christmas”.
McAfee’s 12 Scams of Christmas 2013
1 Not-So-Merry Mobile Apps—Official-looking software for Christmas shopping, including those that feature celebrity or company endorsements, could be malicious, designed to steal or send out your personal data. A recent report from McAfee identified a new family of mobile malware that allows a cybercriminal to get around the digital signature required to validate apps on Android devices.
2 Holiday Mobile SMS Scams—A widespread piece of malicious code known as FakeInstaller, tricks Android users into thinking it is a legitimate installer for an application and then quickly takes advantage of the unrestricted access to smartphones, sending SMS messages to premium rate numbers without the user’s consent. No doubt Android handsets will be popular this Christmas, so consumers should ensure their gift also comes with appropriate security software.
3 Hot Holiday Gift Scams—Advertisements that offer deals on must-have items, such as these Playstation 4 and Xbox scams on Facebook, might be too good to be true. Clever crooks will post dangerous links and phony contests on social media sites to entice viewers to reveal personal information or download malware onto their devices.
4 Seasonal Travel Scams—Phony travel deal links and notifications are common, as are hackers waiting to steal your identity upon arrival. Around 1,000 holiday scams took place in Britain last year, costing holidaymakers more than £1.5million, according to the National Fraud Intelligence Bureau (NFIB).
5 Dangerous E-Seasons Greetings—Legitimate-looking e-cards wishing friends “Season’s Greetings” can cause unsuspecting users to download “Merry Malware” such as a Trojan or other virus after clicking a link or opening an attachment.
6 Deceptive Online Games—Before your kids are glued to their newly downloaded games, be wary of the games’ sources. Many sites offering full-version downloads of Grand Theft Auto, for example, are often fake and laden with malware, and integrated social media pages can expose gamers, too.
7 Shipping Notifications Shams—Phony shipping notifications can appear to be from a mailing service alerting you to an update on your shipment, when in reality, they are scams carrying malware and other harmful software designed to infect your computer or device. With an estimated 20,000 click-and-collect points across the UK this Christmas and increasingly flexible delivery options, consumers should be on guard against cyber crooks capitalising on delivery notification.
8 Bogus Gift Cards—An easy go-to gift for the holidays, gift cards can be promoted via deceptive ads, especially on Facebook, Twitter, or other social sites, that claim to offer exclusive deals on gift cards or packages of cards and can lead consumers to purchase phony ones online.
9 Holiday SMiShing—During the holidays, SMiShing is commonly seen in gift card messages, where scammers pose as banks or credit card companies asking you to confirm information for “security purposes”.
10 Fake Charities—Donating to charities is common this time of year for many looking to help the less fortunate. However, cybercriminals capitalise on this generosity, especially during natural disaster events, and set up fake charity sites and pocket the donations – for example, this email scam made the fraudster behind it £214k.
11 Romance Scams—with more than 9 million Britons now using a number of dating sites, it can be difficult to know exactly who the person is behind the screen. Many messages sent from an online friend can include phishing scams, where the person accesses your personal information such as usernames, passwords, and credit card details.
12 Phony E-Tailers—The convenience of online shopping does not go unnoticed by cyber scrooges. With so many people planning to shop online, scammers set up phony e-commerce sites to steal your money and personal data. In October this year, it was revealed that one in every five consumers looking for a bargain online were getting duped by phony retail sites.
McAfee’s Tips for a Scam-Free Festive Season
* Review mobile apps carefully before downloading.
* Be aware! If an offer seems too good to be true, it probably is. Purchase directly from the official retailer rather than from third parties online.
* Ensure that you’re doing your research before sharing personal details with an organisation you’re not familiar with. Banking and credit card companies should never ask you for personal information via text message.
* Before traveling, make sure that all of your software is up-to-date and run a virus scan. If you’re asked for a username and password after clicking a link, try using a fake input on the first login attempt. The extra few seconds it takes to load confirms that the page is actually looking for valid username/password combinations; scam sites will let you right in.
If you do plan to search for deals online, use apps or open shopping related emails, make sure your entire household’s devices have protection, such as McAfee LiveSafe, which protects all your PCs, Macs, tablets and smartphones. It also includes McAfee Mobile Security, to protect your smartphone or tablet from all types of malware. This app also guards you from the latest mobile threats and risky apps, offers enhanced privacy and backup features, location tracking and the SiteAdvisor technology to help you steer clear of dangers when searching on a mobile device.