Phishing, Account Takeover, and Charities: Common scams to avoid this holiday season

With the holiday season upon us, there will be even more impulsive shopping and scammers. These approaching holidays are critical to retailers, with even more emphasis on the criticality of this year. During this time of year, it is not just retailers who want to cash in on the holiday season, hackers and scammers are also looking for any lucrative opportunities. They are looking to exploit the additional online activity to break into accounts, compromise account balances, or even cash in on some identity theft.

During this season, people often are less strict with their accounts. It may be until the end of the year before they notice any issues with their bank accounts or find out they have become a victim of identity theft. However, by this time it will be more difficult to resolve, or correct, the damage done by these scammers.

The following are some examples of scams that people may come across this holiday season

Phishing Emails

Phishing scams are one of the most common ways to deceive an individual into compromising their credentials, personal information, bank details, and other useful information that can be obtained by the attacker. This scam is one of the easiest ways for a scammer to get personal information. It involves sending emails that appear genuine from trusted organizations, such as banks, government organizations, social media, or shopping sites but is a crafted email sent by the attacker. With more people staying indoors to do online shopping rather than visiting the local stores and malls, the risk for this year is at an all-time high. Many are likely to receive emails that direct them to download apps or click on links to sites that look legitimate but are collecting data instead.

An example of a popular phishing scam involves emails warning of a failure to confirm their personal information and could result in the account being shut down or locked out. The best way to avoid this kind of scam in your daily life is to refrain from clicking links in an email and visiting the website directly.

Account Takeover (ATO)

Account Takeover attacks continue to be a serious threat to online consumers and retailers. Last year retailers received billions of credential validation attempts, from potential fraud attempts to attacks to take over customer accounts. If you are a retailer that is preparing for the upcoming holiday season, be sure to keep a close eye on authentication failures and consider forms of bot management solutions to obstruct the testing of credentials on your authentication endpoints.

Fake Charities

During the holiday season, fundraising is at the highest point during the year. Make sure that your money goes where you want it to, not into the hands of scammers. With the festive season on, it is common to receive phone calls or posts on your Facebook, requesting you to donate towards a good cause. Do not rush into donating. Take your time, research the charity to ensure your hard-earned cash does not end up in the wrong hands.

These scams increase every year around the holidays and the best way to avoid falling into the trap is to not donate to charity with whom you did not initiate contact directly.

Empty Gift Cards

Buying gift cards for your loved ones is the easiest and least time-consuming way to give a gift to someone. According to the AARP survey, more than 70% of adults plan to purchase gift cards as gifts for their loved ones, and 69% plan to purchase these cards from stores. However, these gift cards are also targeted by scammers leading many people receiving gift cards with no money on them. The scammers compromise the account number and PIN from the gift cards displayed in these stores, and when the gift card is activated, they immediately start draining the funds.

One of the best ways to avoid this from happening to you is to purchase the card directly from a legitimate retailer website. Avoid buying gift cards through online auction sites, since they can be either stolen or fake.

Mimicking Websites

Cloning websites is another way to fool consumers and steal their confidential details, and they are often used in conjunction with phishing emails. As a consumer, one needs to be wary of all unwanted or unexpected emails you receive, since cyber criminals mimic a website to make it look authentic. You may receive a sale coupon that when clicked, redirects you to a dupe website that looks strikingly like a website you know and trust.

Do not forget to pay attention to the URL address. Does the URL display the correct site name or are there misspellings? Look for lock symbols or ‘Https’ in the browser whenever you visit a website. This indicates the website is secure and you can enter your credentials.

For more tips and information on how to keep yourself safe this holiday season, visit

If you have any questions, you can contact us through Facebook, & LinkedIn or Contact us. Feel free to call us 406-646-2102 or drop a mail

Comments are closed
Our team knows the importance of the work we do for our clients. We know that our efforts have a direct impact on your productivity, profitability and success, so we take our tasks seriously! We look forward to providing your company with strong
ROI and value.