5 holiday cyber scams to avoid

As you and your family kick off the holiday shopping season, it’s a good time to review the common scams that circulate this time of year.

Unless you live in a cave, you probably know today is Black Friday, the day when stores try and lure in early shoppers with great sales on many popular items. It is followed by Cyber Monday, the first Monday after the Thanksgiving break when many workers return to their office computers and, presumably, start their holiday shopping online.

But each year, cyber criminals find new ways to try and ensnare consumers with a number of sneaky tricks. Here are some common ones to keep your eye out for, and to warn your older, tech-savvy kids about, as they are also likely to come across them in the coming weeks, as well.

Holiday ‘giveaways’

No, you are not going to get a free iPad or iPhone. Nor is Southwest Airlines going to give you free round-trip airfare. These are the kinds of scams we see on Facebook year round, but they are often repackaged with holiday wrapping and a pretty bow this time of year to seem like holiday-related give-aways. They are no different, or less malicious, than any other Facebook scam making the rounds all year.

What to do? Avoid them. If you see something on Facebook that claims you will get something amazing simply by clicking “like” or by sharing it with other friends? Don’t. Just don’t. Remember my mantra: If it sounds too good to be true, it is. Instead of a free iPad, if you click on a link, there is a good chance you have just downloaded some kind of malware onto your computer that can be used to steal data from you.

Fake sales

Hot items, like Apple devices or popular video games and consoles, provide holiday opportunities for crooks to fools consumers. This time of year, ads claiming to have a popular item at a deeply discounted rate can be found. Just because you found it with a Google search doesn’t mean it’s legit. Criminals have been poisoning search results for years now with the hope of getting their fake ads to show up when someone searches for a popular term.

Your best bet? Go directly to reputable web sites, such as Amazon.com or Best Buy or Target. DO NOT purchase an item from a web site you are not familiar with, or even follow a link to a sale that claims to take you to a reputable dealer. Instead of the item, you can end up paying for something you never receive. And since you have likely passed on your credit card information, it sets you up for further fraud down the road.

Bad QR codes

A QR code, or Quick-response code, are those nifty barcodes that are popping up everywhere, attempting to get you to scan them and then find out more about a product or service.

But, of course, now that they are popular, malicious web sites containing QR codes for mobile apps starting cropping up earlier this year, too. The bad codes are being used to lure people into downloading malicious apps. So far, it has been seen primarily on the Android platform.

What can you do? Think twice about QR codes. If you really want to use them, be savvy. There is a free app called Red Laser that you can download and use to check out the web site that the QR code takes you to. If it is a web site with an .exe in the address, do NOT go there.

Bank/credit account alerts

“Your Bank of America account has been compromised! Your Paypal account has been suspended!” the alerts will scream. But have they? Doubtful. It’s just another ruse to get you to “click” on a bad link that will take you to a phishing site. Here they will ask you to enter your account number, password and everything else they need to get the keys to your financial kingdom. Don’t do it. If you think your account has been compromised, look up the bank’s number yourself (do NOT use the phone number the email has provided) and speak to customer service. Don’t click on any links contained in emails warning you your account has been compromised.

Shipping notifications

“Fed Ex deliver failed.” I get these in my spam folder all the time. Do you? It’s another common ruse – but it upticks this time of year, when folks are expecting shipments. Continue to ignore. Please. Don’t worry. If Fed Ex (or UPS, or DHL, etc.)was unable to ship something to you, they will try again.

Is your password secure enough?

 

 

 

 

 

One of the most important things you and your family can do is use strong passwords to access your computers and web sites. According to data from a firm called Splashdata, which is being widely publicized today, the top-ten worst passwords are:

1.  password
2.  123456
3.  12345678
4.  qwerty
5.  abc123
6.  monkey
7.  1234567
8.  letmein
8.  trustno1
10. dragon

Once a cybercriminal has guessed your password and accessed your machine, or a website, such as your Facebook profile or your email account, you’re owned. Once access to one site is obtained, they can then parlay that access into breaking into other sites. They can also spam out malicious emails to your contacts or pillage your messages for personal information that can later be used against you, or to steal your identity.

Here are some tips for creating strong password, courtesy of the security team at Microsoft. According to them, a strong password:

  • Is at least eight characters long.
  • Does not contain your user name, real name, or company name.
  • Does not contain a complete word.
  • Is significantly different from previous passwords.
  • Contains characters from each of the following four categories: Uppercase letters, lowercase letters, numbers and symbols.

Are you following these rules?  If you are not, it’s time for you, and your family, to get serious about using secure passwords.

 

Blog at WordPress.com.

Up ↑