Lalit Ahluwalia is committed to redefining the future of cybersecurity by helping large, medium, and small-scale businesses build digital trust. Here, Lalit highlights eight hacking tricks that could re-emerge as new scams this Christmas and how you can protect yourself. Watch out!
The holiday season is upon us, and with it comes the infectious joy of Christmas celebrations. The twinkling lights, festive decorations, and the hustle and bustle of gift shopping create an atmosphere of warmth and excitement. As Christmas approaches, people worldwide gear up for festive celebrations with family and friends. However, amidst all the merriment, it’s easy to let your guard down. Cybercriminals leverage this carefree attitude to deploy sneaky hacking tricks and online scams.
As per recent threat reports, old hacking techniques may reappear as new threats this Christmas. So you must stay vigilant to thwart any potential attacks. This article explores eight vintage hacking tricks likely to make a comeback and provides tips to avoid falling victim.
Phishing remains one of the most common and potent cyber threats. Imagine receiving an email that seemingly contains a last-minute Christmas deal or a shipping notification for a gift you never ordered. These phishing attempts are designed to trick you into clicking malicious links or downloading harmful attachments, giving cybercriminals access to your personal information.
According to the Anti-Phishing Working Group, phishing attacks increased 11% in the first quarter of 2023. Around Christmas, fraudsters send spoofed emails impersonating postal services, charities, or online retailers. These emails prompt users to download attachments or click malicious links that install malware or steal login credentials.
A new trend is a conversation phishing on social media and messaging apps. Scammers start friendly chats and eventually send phishing links. Data from Barracuda Networks indicates a 13x increase in conversation phishing since 2020. According to AAG IT Services, phishing is the most common form of cybercrime, with an estimated 3.4 billion spam emails sent every day.
How to stay safe:
- Avoid clicking links or opening attachments from unknown senders
- Verify the email address matches the brand it claims to represent
- Check for spelling errors or inconsistencies
- Hover over hyperlinked text to preview the actual URL
- Use multi-factor authentication (MFA) if available
Fake Shopping Sites
E-commerce scams rise during the holiday shopping frenzy, luring bargain hunters with unbelievable discounts. The joy of giving can quickly turn into a nightmare if you fall victim to fake online stores. Cybercriminals create counterfeit websites, luring you in with unbelievably low prices on popular Christmas gifts. Once you make a purchase, not only do you lose money, but your personal information may also be at risk.
Some attackers create copycat websites impersonating popular online retailers or brands. Unwitting shoppers submit credit card details or other personal information on such fraudulent sites. Researchers from Bolster recently identified over 1,200 new fraudulent e-commerce domains in 2022 selling discounted gift cards and electronics. Expect more such sites to emerge this Christmas.
How to stay safe:
- Only shop on reputable online stores
- Check site certifications like BBB, TrustedSite, etc.
- Avoid clicking ads with unbelievable offers
- Verify the URL format carefully
- Use credit cards for payments as they allow chargebacks
Gift Card Scams
Both physical and digital gift card scams spike around the holidays. Scammers steal gift card data from store racks or trick users into sharing gift card codes over email or phone.
The FBI Internet Crime Complaint Center warned about a new version of this con. Fraudsters send fake gift cards that show a valid number and PIN initially. But the funds disappear within days, leaving consumers with already redeemed worthless cards.
How to stay safe:
- Inspect gift card packaging for signs of tampering before purchase
- Avoid publicly displaying gift card codes
- Refrain from emailing gift card details
- Redeem digital gift cards directly with the retailer
- Use gift cards quickly before scammers can drain loaded values
The generous holiday spirit brings increased donations to charity. However, not all fundraisers are genuine. Bogus websites and crowdfunding pages impersonate real nonprofits to siphon off your well-meaning contributions.
The Federal Trade Commission received over 13000 reports of fake charity scams in 2021, totaling $63 million in losses. Donors must validate unfamiliar organizations before donating to avoid such traps.
How to stay safe:
- Research new charities on watchdog sites like Charity Navigator, BBB Wise Giving Alliance, etc.
- Avoid charities that provide vague details about mission works
- Don’t open charity emails with attachments or embedded links
- Contact recognized charities directly rather than follow Third-party links
- If possible, donate via the charity’s website instead of through social media
Social Media Hoaxes
Hoax stories often spread widely on social media during the holidays. One common ploy is the “Secret Sister Gift Exchange” pyramid scheme, which resurfaces each year on Facebook. Another is the “Secret Santa Dog” post tricking animal lovers into buying gifts for a fake pet charity.
These feel-good stories are illegal scams. Participants either get no gifts in return or become victims of identity theft. Social media users must critically examine pleas for help to avoid such manipulative hoaxes.
How to stay safe:
- Fact-check emotional posts before sharing
- Reverse image search profile pictures used
- Watch for common scam indicators like rewards for participation
- Report suspicious accounts or groups to social media platforms
Ransomware attacks have been a long-standing threat, but during the holidays, cybercriminals leverage the emotional value of your festive memories to coerce you into paying a ransom.
To protect yourself, regularly back up your data and ensure your antivirus software is up to date. Be cautious when clicking on links, especially in emails or messages from unknown sources, as they might contain ransomware payloads.
As you connect to public Wi-Fi networks to catch up on online Christmas shopping or share holiday wishes, cybercriminals may be eavesdropping on your online activities. Unsecured Wi-Fi networks are hotspots for hackers looking to intercept sensitive information, such as login credentials or credit card details.
When accessing public Wi-Fi, use a virtual private network (VPN) to encrypt your internet connection. This adds an extra layer of security, making it difficult for hackers to intercept your data. Additionally, avoid accessing sensitive accounts or making online purchases when connected to unsecured Wi-Fi networks.
How to Protect Yourself: A Christmas Cybersecurity Checklist
Now that you’re aware of the potential threats, let’s wrap up with a Christmas cybersecurity checklist to ensure your holiday season remains merry and secure:
Update Your Devices and Software: Keep your operating system, antivirus software, and applications up to date to patch vulnerabilities and defend against potential attacks.
Use Strong, Unique Passwords: Reinforce your accounts with robust passwords, and consider using a password manager to keep track of them securely.
Enable Two-Factor Authentication (2FA): Add an extra layer of protection to your accounts by enabling 2FA where available.
Shop Only on Secure Websites: Look for “https://” in the website’s URL, indicating a secure connection, especially when entering personal or financial information.
Be Skeptical of Unsolicited Emails and Messages: Avoid clicking on links or downloading attachments from unknown sources. Verify the legitimacy of unexpected messages before taking any action.
Educate Yourself and Stay Informed: Regularly update your knowledge on the latest cybersecurity threats and scams. Awareness is your best defense.
The Most Wonderful Time of the Year?
While technological advances aid fraudsters in hatching more sophisticated cons, a little savvy can help consumers stay on guard. This Christmas, be skeptical of unbelievable offers or requests and watch for telltale signs of scams. Leverage secure digital tools and exercise caution in sharing data whether shopping, donating, or socializing online.
With vigilance and smart practices, hopefully, your list of gift recipients will be longer than the Grinch’s list of victims. Don’t let cybergrinches steal the holiday joy. Stay merry, and just as importantly, stay safe!