Over the years, Christmas scams have traditionally targeted individuals. However, in more recent times the risks to business have risen significantly. Driven by changes in the way workforces rely upon technology to stay connected, the way individual employees use their devices and, of course, the increasing sophistication of cyber criminals.
Australian businesses are now exposed to greater cyber risks than ever before, which can be especially significant during the Christmas period. Whether it’s doing some online gift shopping in your lunch break, receiving an e-card from a customer, or expecting a parcel delivery in the office using your work email as the contact address, many employees are unconsciously making their employers vulnerable to a cyber incident.
Whilst it’s by no means an exhaustive list, here are three examples of common scams to watch out this festive season, together with tips to protect yourself from falling victim to them.
1. Christmas e-card Scams
Christmas e-cards are fast becoming the new norm, as more and more people switch from traditional paper Christmas cards. Most are entirely genuine, however, scammers have been catching on to this trend by sending out their own nefarious e-cards.
These emails can contain viruses and malware that are embedded into your device without your knowledge. Which then steal valuable data from your device, such as personal information, financial and banking details, as well as usernames and passwords. The fraudsters can then use this data to defraud you, commonly by accessing bank accounts in your personal or business name (if you’re opening them on a business device).
- Never open unsolicited emails. Delete them immediately!
- As fun as they may look, exercise caution when opening e-cards even if they appear to have come from someone you know. Never click on any links or open any attachments in these emails.
- Keep your computer updated with the latest anti-virus and anti-spyware software, combined with an up-to-date firewall.
2. Online Shopping Scams
Shopping scams are big business for cyber criminals. How big? According to a report by the ACCC, in 2019 alone the reported losses from online shopping scams in Australia were well over $4 million!
Scammers often try to take advantage of busy times, such as people doing their Christmas shopping as well as the upcoming Black Friday and Cyber Monday sales. Commonly targeted items include shoes, smartphones and other electronic goods.
One of the ways they do this is by creating fake websites, where they advertise goods and services which are poor quality or unsafe, or goods that will never be delivered. To get attention, they’ll often advertise with images of well-known products at much cheaper prices than usual, luring customers to go to their site.
These scammers will often advertise their websites on social media platforms, especially Facebook, so they’ll be seen and shared by a vast majority of people. It’s also quite common for scammers to send out a link to the site through phishing emails.
Once you make a ‘purchase’ on the website, the scammers will use your personal information and card details you enter which can then be used to steal money or commit identity theft. Chances are you’ll never receive the item you bought or, if you do, it will be of very poor quality or broken.
- Never pay for anything online via a bank or wire transfer. Only pay through a secure method such as a credit card or PayPal. This way your payment is protected.
- If the seller takes you to a separate website for payment, check the URL in the address bar. For example, if you’re using eBay and the domain name is anything other than ebay.com.au, it’s fake
- Check for a green secure padlock in the address bar. Any secure payment site should have this.
- Make sure you read the website’s terms and conditions regarding payments to see if and how your purchase is protected.
3. Parcel Delivery/Phishing Email Scams
Parcel delivery and phishing email scams are a regular occurrence for businesses throughout the year. But the risk typically rises towards Christmas with the increase in online gift shopping.
With people expecting so many deliveries during this busy period, it can be easy to lose track. Most companies will contact their customers via email to keep them informed on the delivery process, and when their parcel is expected to be delivered.
Scammers take advantage of this by sending out thousands of phishing emails advising that an individual has a package to collect, and importantly including a link or attachment within the email. Before thinking, many people click on these links – which often contain viruses or malware designed to lock you out of your computer or log your usernames and passwords for sensitive sites, providing hackers with either your personal information or your banking details.
- The display name in emails is easy to change, so make sure you always check the sender’s email address. If it looks unfamiliar or doesn’t have a legitimate domain name, delete it immediately.
- Pay attention to the warning signs – scammer’s email addresses and messages often have spelling mistakes or obvious grammatical errors.
- Legitimate companies will address their customers by their first name. If the email begins with ‘Dear Customer’, ‘Dear’, or something very generic, be suspicious. Scammers send out thousands of phishing emails at a time so they are normally generalised.
- Check for the company’s contact information – in phishing emails, there are either minimal details or none at all.
- If you think you’ve been scammed, contact your bank as soon as possible to report it.
CLICK HERE for more information on 360 Cyber Insurance.