Select Page

holiday-scam-email

Clickbait

You are probably seeing more spam in your inbox. Here are some examples: fake invoices for items you didn’t order, notifications that an item you ordered cannot be delivered, emails with links to track your orders, or a notice of a refund from a company that you haven’t done business with. If you engage, they may steal your personal information or your credit card number.

  • Here’s why spam has increased so much: Artificial Intelligence (AI) is making it easier for cybercriminals to write convincing phishing emails that could break through spam filters and be convincing enough to get you to click a link.
  • What it means for you: Exercise extra caution, especially during the holidays when you might receive more order-confirmation emails than usual.
    • If the email is from a company you haven’t done business with, don’t click links or download attachments. Doing either could help a scammer access your online accounts. Just mark the email as spam and delete it.
    • If the sender looks legit, still don’t click links or download attachments. Instead, go to the company’s website and log in to access the information you need.

Pricing

Is the “sale” item really a good buy? Before you buy, research the price of the item before the sale. Many companies artificially raise prices, just to entice you to buy with a 50% or 80% off sale! The website camelcamelcamel.com tracks the price history of items sold on Amazon.com. Never spend just to “save.”

Impersonation

Scammers impersonate legitimate businesses and ask you to confirm your payment information or update information about a pending delivery. Do not download attachments or click links within the email. Instead, go to the company’s website to check the status of an order.

Another common scam is someone pretending to call from your bank. The scammer informs you that there is a problem with your account. To fix the issue, they say that they are sending you a verification code that will help prove your identity.

By posing as the company, they turn the tables on you. You’re put on the spot and expected to prove who you are. Actually, they’re the criminal, and they already have your password. The code you hand over will allow them to process a payment or log into your account with two-factor authentication.

If you are engaged with a suspicious caller, hang up.

Avoid malicious browser extensions

Some browser extensions are actually browser hijackers. Although they pretend to get you a discount, they could change your browser settings and fill your inbox with spam or phishing emails. At worst, they could install malware on your device that compromises your accounts and online security in general. Only install extensions that are well-known and well-tested.

 

Learn more about phishing attacks at Phishing.org.