How to Avoid Online Scams During the 2022 Holiday Season

Ever since COVID pushed us head-first into a new everything-from-home way of life, cybercriminals have been more active than ever. With Black Friday and Cyber Monday fast approaching and Christmas just around the corner, you can expect those criminals to be working overtime. In this guide, we’ll show you how to avoid online scams, especially for the holiday period.

Key Takeaways:

  • Online scams are especially prevalent during the period between the Thanksgiving and Christmas holidays.
  • Common scams for this period include fake shopping websites and holiday versions of the perennial phishing scams.
  • Double-check websites and pay with a method that allows you to reverse transactions to avoid online shopping scams. Use security software, including a password manager, antivirus and VPN to protect yourself.

Online shoppers in the U.S. spent a total of $24.75 billion online over Thanksgiving, Black Friday and Cyber Monday in 2021, with Cyber Monday taking the biggest piece of the pie. If you’re planning on shopping online for the holidays, you need to do it safely. 

We’ll discuss the most common internet scams and how to recognize and avoid them, plus we’ll explain what to do if you fall victim to one. 

  • Many people are unfamiliar with online scams and gloss over details. Couple that with the draw of a high reward — or the threat of legal action in some cases — and it’s easy to see how even the most skeptical person can fall for a scam.

  • If you’re being phished, you need to be able to identify the sender. If it’s allegedly from a company or government service, contact that service directly to verify the authenticity of the email.

  • Do not click on links in emails or download any attachments unless you can identify the sender for certain. Double-check website URLs if you’re planning on making a purchase and be wary of deals that are too good to be true.

Many people are unfamiliar with online scams and gloss over details. Couple that with the draw of a high reward — or the threat of legal action in some cases — and itu2019s easy to see how even the most skeptical person can fall for a scam.n”}},{“@type”:”Question”,”name”:”How Do You Identify a Scammer?”,”acceptedAnswer”:{“@type”:”Answer”,”text”:”

If youu2019re being phished, you need to be able to identify the sender. If itu2019s allegedly from a company or government service, contact that service directly to verify the authenticity of the email.n”}},{“@type”:”Question”,”name”:”How Do You Avoid Online Scams?”,”acceptedAnswer”:{“@type”:”Answer”,”text”:”

Do not click on links in emails or download any attachments unless you can identify the sender for certain. Double-check website URLs if youu2019re planning on making a purchase and be wary of deals that are too good to be true.n”}}]}]]>

The Most Common Online Scams: Internet Scams Explained

Although internet scams come in many different shapes and sizes, most of them fit into several categories. Here are the most common types of internet scam.

most common online scams

Online scams are very common during the Black Friday and Cyber Monday online shopping craze.

Shopping Online Scams: Fake Shopping Websites

Cybercriminals can erect fake websites to lure customers into giving away their payment credentials and other personal information. These copycat websites can look very similar to the real thing, with differences only a frequent visitor might notice.

fake amazon

Fake shopping websites often have similar names and layouts, with only minor differences.

The first difference could be in the URL. Sometimes the copycat website will feature a common typo in its URL as a way to passively gain visitors, in a strategy known as typosquatting. You’ll also find differences in the logo and fonts, and text will frequently have poor grammar. Also look out for any contact info, as these websites will often lack it entirely. 

Online scam signs:

  • Slightly altered URL
  • Different logos and fonts
  • Typos and poor grammar
  • Lack of contact information

Fake Antivirus Software Scam: Scareware

Dodgy websites rarely care about what kind of ads they serve their visitors. Some of these ads might tell you that a number of viruses have been detected on your computer, prompting you to install antivirus software to get rid of them. However, the “antivirus” that it tells you to install is nothing more than a virus itself.

fake antivirus scam

Scareware gets you to download fake antivirus software by notifying you that your device is infected with viruses.

Online scam signs:

  • Highly alarming pop-up ad
  • Infection warning listing a high number of viruses
  • Unknown software company
  • Asks for immediate action

Phishing Scams

Phishing is the practice of sending fake emails, usually tailored to specific people, that entice the recipient to click on a malicious link or give out sensitive information. It’s usually done via email, but you can also be phished through other online communication, like Facebook messages. This is an incredibly common scam, responsible for 90% of all data breaches.

email phishing scam

Phishing emails are the most prevalent type of online scam.

Phishing emails usually have a legitimate-looking address and structure, with a formal signature at the end. The email will almost always be very alarming and include threats to get you to act quickly. 

One common phishing scam is someone posing as a representative of the IRS or another government agency asking for your social security number, or your bank asking for your account details, with the threat that you’ll be arrested or sued for failing to comply. 

Note that your bank will already have your account information, and your SSN should be easy to find for any government agency. This is another red flag in phishing schemes.

Online scam signs:

  • Suspicious email address
  • Alarming and threatening tone
  • Asks for information that they should already have
  • Directs you to open a link or download an attachment
  • Threats of financial and legal repercussions

Disguised Malware

If you want to shop online from your phone, it’s easy to download a fake shopping app from the store. The Apple app store has strict approval guidelines, but the Google Play store is a bit more lax with what it lets through. This can include apps with similar names to official online shopping apps. 

You need to make sure the uploader is legitimate, and you can do so by looking at other products they have uploaded. 

You can also download a fake app from a fake website. Sometimes a fake shopping site will prompt you to pay through its mobile app, or it will tell you to install a toolbar to get special discounts. 

Online scam signs:

  • Slightly altered URL
  • Different logos and fonts
  • Typos and poor grammar
  • Lack of contact information

Advance Fee Scam

This online scam is perpetrated by someone who claims to be very wealthy, but needs your help to take money out of the country. They only need a small payment from you in order to make that happen, and in return, they will give you part of their massive wealth — or so the scam goes.

The most famous version of this online scam is the Nigerian prince scam. There are other versions of the scam as well, but the common denominator is that the scam requires a small advance payment from you, so that you can receive a reward later on.

Advance fee scams:

  • The person is outlandishly wealthy, yet needs your help
  • Rewards a small investment with a disproportionately large sum of money

Impersonation and Identity Theft Scams

Oftentimes, a scammer will impersonate someone else to get you to send them money. Similar to the Nigerian prince scam, the grandparent scam is a bit more insidious. It involves someone pretending to be a close relative whom you’ve forgotten about, who is now in dire straits and can only receive cash via a money transfer service like Western Union or MoneyGram.

identity theft scam

Identity theft scams involve scammers pretending to be other people to defraud the victim of their money.

Another form of this scam is the romance scam (also known as catphishing), where the scammer sets up a fake profile with photos of an attractive person on social media or a dating site. The person will approach the victim with romantic intent, but will refuse to meet in person for various reasons, and will demand payment from the victim in order to meet.

Online scam signs:

  • The person can’t clearly identify themselves as a relative or acquaintance
  • Dating profile that’s too good to be true
  • Refuses to meet in person
  • Only accepts cash through Western Union or similar

Despite the onslaught of online scams during the holidays, you can stay safe as long as you follow some common-sense rules. Here are a few ways to protect yourself and avoid getting scammed on Black Friday and Cyber Monday.

1. Double-Check Websites

Before you make a purchase, make sure that the website you’re on is the real deal, especially if you got there through a link or an ad. Common differences between a real website and a fake one are:

  • Misspelled URL (“amaz0n.com” vs “amazon.com”)
  • Different domain (“aliexpress.net” vs “aliexpress.com”)
  • Similar but different logo
  • No contact information
  • No support page
  • Payment page that redirects to another website

2. Pay Through a Secure Payment System

The average value of an online order in the U.S. is around $120, according to Salesforce. That’s a lot of money to lose to a scam website. 

Never trust a website that forces you to use a payment method that won’t allow you to get your money back. Secure payment methods, like Google Pay, Apple Pay or PayPal have protocols in place to force a refund in the event that you get defrauded.

If your bank has fraud protections, using a credit or debit card from that bank is also a good idea, but you still have to make sure the payment portal is secure.

3. Avoid Black Friday Offers That Seem Too Good to Be True

Black Friday discounts are a very strong premise for phishing and other types of scams. Although you might still find a crazy deal on an expensive item here and there, doorbuster deals are usually only for items that don’t sell that well. If you get an email from a web store claiming to offer 90% off a brand new MacBook, that should be a red flag.

4. Use a Password Manager and Two-Factor Authentication

Setting a strong password for your account can protect your account from intrusion, but only as long as you don’t get scammed into divulging your login. If you use that same password and email across multiple websites, you are much more likely to lose access to all of those accounts.

1password vaults

A password manager can generate a different password for every website you visit and keep track of all of them.

A password manager like 1Password can generate a unique password for every website you visit, minimizing the risk if one of your passwords is part of a data leak.

Plus, even if you lose your password, two-factor authentication can still protect you from unauthorized logins. Just make sure not to mindlessly click away the notification telling you that someone is trying to log in to your account.

5. Get a Good Antivirus Program

Even if you fall victim to phishing or a virus-laden website, you can still protect yourself from malicious software by using an antivirus. Yes, Windows has its own Windows Defender preinstalled, but it’s not the same as using a dedicated antivirus or anti-malware program.

Schedule a weekly scan to make sure you’re always safe.

6. Use a Reliable VPN

A VPN is security software that encrypts your internet connection to protect you from hackers, but the best VPN providers also offer extra features. For example, ExpressVPN comes with malware protection and a password manager for extra online security.

ExpressVPN app

A VPN can protect your internet connection by encrypting your traffic.

What to Do If You’ve Been Scammed

If you’ve already fallen victim to an online scam, you should report the scam to the authorities. Filing a police report should be your first move, although the police investigation may not yield the results you want. You can also file a report with the FBI’s Internet Crime Complaint Center (IC3) to notify it about the scammer.

If you’ve lost money to a scammer, immediately contact your bank, PayPal or whatever other service you used to pay — you might be able to get the payment reversed. If you’ve divulged your bank account information, contact the bank and have your account frozen before any damage can occur.

Finally, if you’ve had your personal or financial information stolen, go to IdentityTheft.gov and follow the steps corresponding to the type of information that was stolen.

That’s it for our online scam guide. We hope you come away from this article more informed about the top internet scams and how to avoid them. Remember, always second-guess a deal that’s too good to be true, and if a website looks a bit fishy, check the URL and logo for authenticity. Always verify emails attempting to obtain personal information or asking you to send money.

Have you ever gotten a phishing email? What online scams are you familiar with? Have you ever fallen for an online scam? Let us know in the comments below, and as always, thank you for reading.

Let us know if you liked the post. That’s the only way we can improve.



Source