Cyber Security Center

Be careful of holiday shopping scams and malware, CISA warns


Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning for users to be careful of holiday shopping scams and malware.

 

Screenshot (98)

With only a couple of weeks left until the holiday season begins, the Cybersecurity and Infrastructure Security Agency encourages users to be cautious of potential holiday scams and malicious cyber campaigns, particularly when shopping online.

Scammers become particularly active during the holiday season. Many people start doing their holiday shopping, look for charities to support, etc., thus providing scammers great opportunities to scam people. They launch special spam campaigns, hide behind known charity names, send malware concealed as eCards, promote fake online stores with huge discounts, and try to trick users into revealing login credentials with phishing attacks.

“As this holiday season approaches, the Cybersecurity and Infrastructure Security Agency (CISA) encourages users to be aware of potential holiday scams and malicious cyber campaigns, particularly when browsing or shopping online. Cyber actors may send emails and ecards containing malicious links or attachments infected with malware or may send spoofed emails requesting support for fraudulent charities or causes,” CISA says.

To protect yourself, we urge you to learn how to spot credit card fraud, phishing emails, fake online stores and discounts, various types of scam emails, holiday and ticked fraud, etc.

7 tips to protect you from holiday shopping scams and help you shop safely

  • Do not open unsolicited email attachments. Holiday-themed spam emails will increase in the upcoming weeks, and you should be especially careful not to open anything malicious. One of the more common email holiday scams is ecards. If you receive an ecard from someone you do not know, do not open it as it likely is disguised malware;
  • If you’re looking to support a charity, check its authenticity first. Loads of scammers will try to scam users by promoting fake charities, a type of scam that becomes pretty popular during the holidays as many people start actively looking for charities to donate to;
  • Check whether an online store is legitimate before making any purchases. With Black Friday and the holidays coming up, loads of fake stores will start promoting their non-existent discounts. This especially becomes an issue during Black Friday when people are looking for discounts and low-priced items;
  • Check whether your information is being encrypted when shopping online. The main indication that your data will be safely encrypted is https instead of just http in the URL, as well as a padlock icon showing a closed padlock. Do click on the padlock to check that it’s not scammers faking the icon;
  • Always read the Privacy Policy. Before making any purchases or even providing your personal information, check how the website handles your data. While reading the Privacy Policy may seem daunting, at least check the main clauses;
  • Consider getting a separate card/account for online purchases. Using a card not connected to your main bank accounts to shop online and keeping only the necessary amount of money in it could save you a lot of trouble if your information was stolen/leaked;
  • Regularly check your bank statements and if you’re using your bank’s mobile app, turn on notifications for payments/transactions.

While you should always be careful when shopping online, the holiday season is when you should be particularly attentive.