There's never a good time to lose a ton of money to an unscrupulous person over the internet, but the worst time would have to be Christmas. It's a period of intense gift buying, organising and for many people, stress - and unfortunately, scammers will use this to their advantage.
Phishing is the technique of choice for many hackers and scammers online. It involves sending out mass emails, using a fake website or similar online trickery to convince you to give up your information, or install some malware on your machine that will give up your information for you.
Whether it's a dodgy contact form, an iffy website or just a virus-laden link landing in your inbox, the aim is to bypass your normal thought processes and convince you to hand over your information as quickly as possible - because the longer you stay looking at a phishing email, the more likely the cracks are to appear.
There are a few ways phishers can get you to do this; it might be a very tempting offer, or a worrying emergency - but it's likely to have a sense of urgency about it. Because if something is urgent, you're more likely to act fast and think later. Here are the top phishing scams you need to keep an eye out for around Christmas time.
The online shopping scam
This fun little scam is especially effective at Christmas, because so many of us order our gifts online from a few different websites. This is more likely to hit your screens in email form, although it's possible you may find your way to a fake website when you're just browsing.
This email or website will offer an insanely great offer, and you know there's going to be some urgency behind it too - a countdown clock, or 'this great deal only applies to the first 100 customers'. It's designed to pressure you to click a link, pop your card details in, and then the scammers are away.
The best way to navigate this one is to google the reviews for a store before you buy, and let their previous customers vouch for them. When you are inputting your card details, you should be able to see the little green lock in the corner of the URL bar - this means the website is secure. If you can't spot a lock, or you can't find anything about them online, steer clear - it's definitely a scam.
The refund scam
Everyone feels the pinch around Christmas, so what could be better than a refund or an unexpected tax rebate? These kinds of scams will almost always turn up in your inbox, and claim to have a few hundred pounds for you because you overpaid in tax, or you have a refund that's finally been processed.
Around Christmas time, this scam is a real money spinner. If you receive one of these emails, it's probably going to ask for your bank details to 'process the payment'. If you do pop those details in, it's a merry Christmas for whomever ends up with them.
We can't speak for other countries, but in the UK you will never receive a tax rebate over email - they'll always go directly to your address, and you'll always receive them by post. For refunds from online stores, it is extremely unlikely that they'll ask you for your details over email - any money should just go back on the card or account you paid on.
The banking scam
The majority of us would have seen this scam in our inboxes now and again, but at Christmas, with so much money moving around, it's easy to get taken in. This scam will again appear in email form, and will purport to be from your bank or sometimes a banking service like PayPal
The email will claim that you need to confirm your banking or PayPal details, or your account will be closed imminently. It might also suggest that you are overdrawn, and you need to confirm your details to avoid any charges.
Banks will never email you asking for your information - if they want to contact you, they'll send you a letter. If you get one of these emails, don't click a link, don't enter any information or reply, just send it straight to spam.
The shipping email scam
If your Christmas is arriving courtesy of Amazon, or eBay, or any other online store for that matter, you're probably receiving dispatch and shipping emails for the majority of December. As such, this phishing email can blend in amongst them.
This email is going to look like your basic shipping or dispatch email, with a link to track your parcel, print a form to go and collect it or a link to have it redelivered. It might send you to a site that looks similar to the one you were expecting, which can make the scam all the more convincing.
This is probably the most difficult one to avoid, because around Christmas it's difficult to keep track of the couriers delivering all your parcels. The vast majority of couriers will leave a delivery note if they've attempted delivery, so if you're missing one be a little suspicious. It's also worth checking for typos in the email and the sender - and if you're really on the fence, head directly to the website you bought something from and inquire there.
So what can we do about these scams?
Unfortunately there's not yet any anti-virus software that promises to eradicate 100% of spam mail from your inbox (it's likely some of your personal emails would be thrown out for the greater good). But for our money, we'd recommend F-Secure and Sophos. Keep your anti-virus updated, and do regular scans, just in case any nasties have found their way onto your machine.
The most important thing to do when you receive an email you weren't expecting, or end up on a weird looking website is to slow down. Check the sender, check for spelling mistakes, and check the formatting of the email or website itself - all of these are little indicators that you might be about to get phished.
For the people in the back claiming they don't have anything worth stealing, or don't store their card details online, it's still worth exercising caution. Viruses can encrypt your files, making them impossible to open without paying off the hackers. One password, if used multiple times, can be used to get into accounts where more of your information is stored. What might not seem valuable to you can be incredibly valuable to a scammer.
If you're in any doubt, take a screen shot and send the photo (but not the original email or website!) to your IT support team. Stay vigilant, and send those phishing scams to Junk.
Tweet us @TranscenditUK