THUNDER BAY – The holiday season is a time when criminals don’t take holidays. Cybercriminals take advantage of the possibility of shoppers being rushed to get those special gifts, or to not be as diligent as they should be online.
The Ontario Provincial Police (OPP) would like to help residents from becoming potential victims of fraud during the holiday season by sharing the following information prepared by the OPP Cyber Operations Section:
Every year around the holidays, there is a spike in online crime as cybercriminals try to take advantage of holiday shoppers. A broad variety of holiday scams were identified during an analysis that spanned every major social network. With the increased popularity of online shopping, it is more important than ever that shoppers are vigilant and take extra precautions to protect themselves and their families.
Most holiday shopping scams include cyber-attacks such as:
- Phishing – The purpose of this type of scam is to harvest personally identifiable information and credit card information. This is usually accomplished by using steep discounts to lure people to sites which are close imitations of legitimate retail websites to trick them into entering their credit card information.
- Malware – Similarly, these campaigns try to lure people into clicking links that will install malware on their computer or mobile device with the goal of harvesting information, installing ransomware, or adding it to a botnet.
- Fame Farming – Social media accounts are created which imitate well-known brands and use fake coupons and giveaways to rapidly gain followers, likes, and shares, giving the account the appearance of legitimacy. The account is then used to launch a variety of criminal activity including phishing, spam campaigns, and malware distribution.
Some of the most popular cyber scams seen this year are spread through social media and include:
- Fake Merchandise – Advertisements for deeply discounted merchandise that takes payment for goods without ever delivering.
- Fake Gift Card Generators – Advertisements for apps that generate gift card numbers for popular retailers such as the Bass Pro Shop, however, these apps usually contain malware.
- Fake Coupons – Offers of fake coupons for popular retailers aimed at tricking shoppers into providing personal information or downloading malicious apps onto their phone.
- Fake Giveaways and Contests – Fake giveaways and contests for popular and difficult-to-find items, such as “Hatchimals,” that are aimed at tricking shoppers into providing personal information or downloading malicious apps onto their phone.
Steps shoppers can take to protect themselves are:
- Beware of coupons and promotions distributed through sites other than the official retailer. If the site is requesting personal information or a credit card to enroll, be very suspicious of the link or website.
- Never enter your credit card information into a site that has no Secure Sockets Layer (SSL) certificate (https:// in the address bar). Without it, your credit card information can be intercepted.
- Note that having an SSL certificate does not necessarily mean that the site is legitimate or safe as criminals can obtain SSL certificates for their malicious sites.
- Ensure two-factor authentication is enabled on your social media accounts when available. This provides another barrier of protection should a malicious page steal your credentials.
- If a link prompts you to download and install an app or file, steer clear.