It’s beginning to look a lot like the holiday season – and with the holidays comes various opportunities for cyber-scrooges to exploit. While users prepare for the festivities, cybercriminals look for opportunities to scam holiday shoppers with various tricks. To shed more light on how these crooks are putting a damper on user’s holiday season, McAfee surveyed over 8,000 adults on the types of scams they’ve encountered over the last year.
The Scams of Christmas Past
Cyber-scrooges have upped the ante over the years, using more sophisticated measures to adapt to consumers’ evolving digital lifestyles. However, scams of Christmas Past are still haunting users today, as global findings indicate that email and text phishing are still prevalent. For example, the percentage of respondents stating that they still experience email phishing ranges from 25% in India to a whopping 42% in France. Respondents stating that they still experience text phishing ranged from 21% in India to 35% in Australia.
Additionally, robocalling has seen an increase in popularity in 2019. A robocall is a phone call that uses a computerized autodialer to deliver a pre-recorded message, as if from a robot. Fifty-one percent of respondents in France stated that they still receive robocalls. The survey found that 48% of respondents in the U.S. and 32% of Australians receive robocalls, as well as 34% in Spain, and 33% in Germany claimed that they have fallen victim to robocalls.
The Scams of Christmas Present
During the holidays, cyber-scrooges are likely to further exploit scams of Christmas Present to take advantage of users’ generosity. For example, several survey respondents in the U.K., France, Germany, Spain, Australia, India, and Singapore stated that they had fallen victim to fake charity scams in 2019. Knowing that many people enjoy making donations during this time of year, cybercriminals will likely pose as a charity online as a ploy to collect financial data and money from unsuspecting users.
Since many people do a lot of their holiday shopping online, users should also beware of shipping notification scams, as respondents in the U.K., Spain, Australia, India, and Singapore have fallen victim to these scams throughout this year. This scam, along with all those of Christmas Past and Present, proves that as people continue to adopt technology into their everyday lives, they are in turn giving cybercriminals more opportunities to exploit during the holiday season.
The Scams of Christmas Future
Whether it be email phishing or fake charity scams, users must stay updated on common cyber-scrooge practices to help protect their personal and financial data. As more data and user credentials are gathered from breaches, cybercriminals are looking to take their business to the next level and leverage more advanced techniques. For example, the cybercriminal underground poses a threat to users with more than 2.2 billion stolen account credentials made available for purchase in Q1 2019. These crooks will likely continue to sell and share user data across the Dark Web for the possibility of more profit.
Need help with security awareness training? Schedule a no-commitment consultation with us here.
Cybercriminals will also leverage data collected from breaches to better understand which users to target and how they can easily target them with social engineering and AI (artificial intelligence). Most users will probably ignore a call from an unknown number, but what about a call from a family member? Cybercriminals will create more sophisticated scams by including a family member’s caller ID in the hopes of exploiting users through more personal engagement.
Attacks will not only likely grow in sophistication but in volume in the future as well. From interactive speakers to IP cameras to other internet-connected devices like thermostats and appliances — IoT devices have greatly increased the attack surface. As we see an increase in the volume of devices going into homes with a lack of security controls built-in, cybercriminals will likely focus on exploiting consumers through these gadgets. The good news? As we look ahead towards the scams of Christmas Future, we can also work to better prepare our networks and devices before we fall into cybercriminals’ traps.
Even though users believe that cyber-scams become more prevalent during the holiday season, a third don’t actually take steps to change their online behavior. To help ensure your holiday season goes off without a hitch, follow these tips to help stay secure:
1. Say so long to robocalls. Consider downloading the app Robokiller that will stop robocalls before you even pick up. The app’s block list is constantly updating, so you’re protected. Let all other unknown calls go to voicemail and never share personal details over the phone.
2. Go directly to the source. Be skeptical of emails or texts claiming to be from companies or charities with peculiar asks or messages. Instead of clicking on a link within the email or text message, it’s best to go straight to the company’s website or contact customer service.
3. Hover over links to verify the URL. If someone sends you an email with a link, hover over the link without actually clicking on it. This will allow you to see a link preview. If the URL looks suspicious, don’t interact with it and delete the email altogether.
We’ve seen how 2020 has changed our work and home lives especially in terms of using technology and the internet. Work from home and BYOD has fast become the new normal. As we face today’s world under this new normal, we should not let down our guards.
If you need help in securing your data, network and systems, schedule a time with us here.
Sections of this article originally appeared in a blog by Gary Davis (McAfee blog, November 2019)