A Holiday Scams Security Advisory

As we all gear up for the holiday season (signing up for every list of shopping deals), so are cyber criminals. It’s an exciting time of year for everyone. We have Black Friday, Cyber Monday last minute discounts, and for the criminals, a crowd thirsty to save a dollar or two on a deal. Holiday scams have been around for a while, so be aware as you shop.

I remember covering holiday scams as far back as 2006 (when I started really diving into this subject), watching criminals abuse Google ranking, poisoning web pages with misleading ads, trend-jacking (these were the days before hashtag-hijacking) and doing anything that would bring unsuspecting victims to their malicious sites.

Fast forward to this holiday season, and it isn’t going to be any different. We’ll see popular brands get abused online with misleading posts about holiday deals. We'll see fake coupons and counterfeit goods. We’ll witness trend hijacking, in which criminals closely watch trending topics and search terms and target their spam campaigns and social attacks to whatever is popular.

Of course, new technology will be more susceptible in holiday scams as it’s the “new kid on the block” and everyone is rushing to use it. Case in point: Google checkout, PayPal and most recently Facebook’s donate button, are all receiving the scammer treatment. Criminals will go to great lengths to make their scam campaigns look and feel as realistic as the payment mechanisms we trust on a daily basis. On the topic of trust -- expect to see more of the traditional pyramid scams blend in with the holiday spirit, such as “secret sister” popping up as the holiday scams season gets rolling.

Our advice to you is, if it looks too good to be true, it probably is. Carefully check what you are clicking on, and run a couple of searches on anything you are hoping to purchase. Make sure web addresses are legit and not mimicking a popular site (like am4zon or netfl1x). Although social networks can be a fertile ground for criminals to take advantage of potential victims, it is also an extremely powerful crowdsourcing platform that can weed out scams fairly quickly, and provide insight into shady establishments, promotions and activity. From a consumer security perspective, it's both a blessing and a curse. The best advice is simply to be vigilant.

Stay safe this holiday season! And stay foxy!