"On the fifth day of Christmas my true love sent to me: an e-card with a malware, link to a fake charity, one bogus travel offer, an online game from a suspicious website, and a gift card that can buy me nothing!" Now that the holiday shopping season officially kicked off, computer security firm McAfee reminds consumers that it is also the time of the year when scammers prowl and look out for unsuspecting victims.
McAfee has released a list of "12 Scams of the Holidays," so consumers will not fall prey to scammers as they shop online. According to the company, with digital sales expected to hit $60 billion this season, it also opens a big window for cybercriminals who want to spread malicious files, steal identities, and bag some cash for themselves. The list includes the most common scams that consumers might encounter as they shop online:
1. Not-So-Merry Mobile Apps - Watch out for apps containing malware. Before downloading any app, check out the credentials of the developer.
2. Holiday Mobile SMS Scams - Android users fall victim to FakeInstaller, which pretends to be a legitimate installer for an application, but once downloaded, hijacks the victim's device, sending SMS messages to premium rate numbers without the user's knowledge or consent.
3. Hot Holiday Gift Scams - Watch out for advertisements that offer free popular items of the season e.g. PS4, Xbox One or iPhone 5s. Usually, these are phony offers and contests and their aim is to lure victims into giving out their personal data or download malware on their devices.
4. Seasonal Travel Scams - Scammers target people into clicking on phony travel deals, which will send you on a trip to malware land.
5. Dangerous E-Seasons Greetings - Watch out for e-greeting cards from unknown people. They may contain malware, Trojan or a host of other virus.
6. Deceptive Online Games - Find an online game interesting? Check out its reviews and sources first. Many sites that claim to offer free online games, hide malware in the background.
7. Shipping Notifications Shams - Don't open any unexpected emails from Fedex, UPS or other shipping or courier company. Especially if they claim that you've received a package.
8. Bogus Gift Cards - Don't buy gift cards from sites that look suspect. Even if they claim to have good deals.
9. Holiday SMiShing - Watch out for SMSes purportedly sent by known or unknown banks with messages that you've received a certain sum of money or your credit card account or bank account has been suspended. Call the bank first to ascertain it.
10. Fake Charities - Donating is good but watch out for scammers who set up fake donation sites during natural disaster events, so that the proceeds can go to their pockets.
11. Romance Scams - Watch out for dating sites that look suspect. Scammers prey on lonely hearts and trick them into giving out their personal information or credit card details.
12. Phony E-Tailers - Watch out for phony online shopping sites whose one and only goal is to steal our money and personal data.
"The potential for identity theft increases as consumers share personal information across multiple devices that are often under protected. Understanding criminals' mindsets and being aware of how they try to take advantage of consumers can help ensure that we use our devices the way they were intended - to enhance our lives, not jeopardize them," said Vice President and Chief Privacy Officer at McAfee, Michelle Dennedy, in a statement.
To ensure that the holiday season will be merry for consumers, McAfee reminds consumers to always remember certain safety tips.
"Review mobile apps carefully before downloading. Check the comments section and confirm the app's legitimacy directly with the parties that the software claims are involved," McAfee said. "If an offer seems too good to be true, it probably is. Purchase directly from the official retailer rather than from third parties online."
The computer security firm also warns consumers to be careful when traveling and to do their homework before giving out any information.
"Before traveling, make sure that all of your software is up-to-date and run a virus scan. If you're asked for a username and password after clicking a link, try using a fake input on the first login attempt. The extra few seconds it takes to load confirms that the page is actually looking for valid username/password combinations; scam sites will let you right in," it said through the press statement.