CRN.com | Nov 26, 2010
Is it that time of year already? During the next few weeks, users will be rushing to buy presents, attend winter concerts, and decorate their houses for that holiday party.
Amid the frenetic holiday shuffle, it’s easy to let your guard down when shopping for those last minute gifts online. But hackers are waiting with a slew of scams and tricks that will turn that stocking stuffer into a lump of coal.
With insights from McAfee Labs threat research, here are 12 Scams Of Christmas, that could make for a very unmerry holiday this year.
So you better watch out!
Fake Gift Cards
Gift cards are often considered perfect gifts when you don’t know what to get. And cyber crooks think so too.
Lately, cyber crooks are using social media to promote fake gift card scams, in exchange for stealing users’ personal information and money, which is then sold on the black market and used for identity theft activities.
McAfee reported that a recent Facebook scam offered a free $1,000 Best Buy gift card to the first 20,000 users who signed up for a Best Buy fan page — which, of course, was spoofed. However, in order to receive their promised gift card, users were required to provide personally identifying information and take a series of quizzes. But instead of a gift card, users likely just received a big headache from cleaning up an identity theft mess.
Bogus Holiday Job Offers
This time of year, everyone could use a little extra cash. That fact has not been lost on the hackers. Subsequently, Twitter scams have been floating around containing malicious links to sites that promote phony job offers that promise high-paying, work-at-home jobs. All users have to do is fill out a detailed application to be considered.
In reality, the phony jobs are just a hook to trick users into submitting personal and sensitive information, such as e-mail addresses, home addresses, cell phone and Social Security numbers.
In the end, users are left with an identity theft scheme to clean up, instead of a job or extra holiday cash. The tried-and-true adage applies — if it looks too good to be true, it probably is.
For hackers, the old stand-by E-card never fails to disappoint. The rise in E-cards, now delivered over social networks, has also opened up a new threat vector for cyber criminals to distribute malware. During attacks, users will open up a cute and fuzzy greeting card appearing to come from someone they know. In reality, the program will be dropping malicious code, such as Trojans or keyloggers, onto their computers, which enable hackers to access their victim’s data and take control of the machine.
Later, users might realize what happened when their computer starts displaying pornographic messages, pummels them with pop-up ads or starts sending E-cards and spam sourced to them.
When in doubt, play it safe and refrain from opening up an E-card, even if it appears to come from a friend. Instead, call your friend to confirm he or she sent it. Or better yet, write out a greeting card the old-fashioned way — by hand.