Holiday shopping season has arrived – and, with it, so have holiday-shopping scams!
I suggest that you read both the following about various holiday-related email scams for which you should watch out, as well as the article, Beware These 14 Dangerous Holiday Shopping Scams, about various other forms of scams that seem to proliferate annually during this time of year.
1. “There are problems with your order” emails
Criminals may send you an email that appears to come from an online retailer, and which tells you that there is some issue preventing fulfillment of one or more of your orders. The email may, for example, tell you that an item is back-ordered and not going to arrive before Christmas or Hanukkah, and ask you to verify whether or not you still want the order to be placed. To do so, you are instructed to click some link, that, naturally, takes you to a site that either “phishes you” and steals your login information to the retailer’s site, installs malware on your computer, or both. If you receive any emails from any retailers telling you that there are problems with some order that you placed, do not click links in the messages; instead, visit the retailers’ websites directly by entering their URLs into your web browser – and do so from home or work, not while using a public Wi-Fi network. And, of course, do not open attachments sent to you by retailers (or, as the case may be, parties impersonating retailers). Keep in mind that scammers usually do not know what you have purchased online or your order numbers – so any email that does not reference an order number and items ordered, but which appears to come from an online store, is especially suspect; that said, most people do not know order numbers by heart and do not bother checking them when they receive an email, so a criminal who puts a random order number of the form actually used by a retailer is likely to trick many folks into believing that an email is legitimate. Do not fall for that scam.
2. “There are problems with your payment” emails
This scam email, which is a variant of the one mentioned above, entails a “retailer” sending you an email (or, in some cases, a text message) that there is some problem with a payment that you used for making a purchase; the email asks you to submit new credit card, debit card, or other payment-related information either by clicking some link, responding via email, or by calling some phone number. Of course, do not follow such instructions. Instead, go the retailer’s website to check for any problems with the order – do not trust emails. Also, keep in mind that you should not trust an email just because it contains the last four digits of your credit card number – criminals could have stolen this information, but, even if not, the laws of probability dictate that someone sending out millions of scam emails containing a random four-digit code will get those numbers right for thousands of people. You could be one of them.
3. Delivery-service problem emails
Holiday season is the busiest time of year for package delivery services; a larger number of people than at any other point during the year receive items that are transported from sellers and delivered by UPS, FedEx, the United States Postal Service, and other couriers. Criminals exploit people’s anticipation of (and reliance on) deliveries with a simple technique: the crooks send out emails (and text messages) that impersonate correspondence from courier services. As before, these messages may deliver malware via attachments, or may direct users to phishing or malware-spreading websites. If you have questions about a delivery – or receive an email alert about a delivery – visit the carrier’s website by entering its URL into a web browser (from your home or work network) and then submit the relevant tracking number; do not click on links in an email or open any attachments sent to you in such an email.
4. Fake invoice emails
Sometimes criminals send fake invoices impersonating online stores; these “invoices” may scare people into thinking that they somehow unintentionally placed an order, or were charged more than they expected for some item, or were somehow defrauded by someone using their credit card number — any of which lead them to click links within the invoice message in order to contact the seller. If you receive an invoice for an order that you do not recognize, or that has incorrect information, contact the seller directly – do not follow any instructions contained within the invoice or related email messages.
5. Bogus deal emails
Criminals know that, during holiday season, shopping is on many people’s minds, so they send out emails containing details of bogus “amazing deals.” A $100 Amazon gift card for $10? A free $500 item from eBay? If it sounds too good to be true, it probably is. In any case, check for deals by going to the relevant retailers’ real websites by entering their URLs into your browser while using a safe network (at home, at work, etc.), or by going to a known, trusted shopping and deals site; as before, do not click links in emails – no matter how good a deal within them seems to be.
6. Fake survey emails
During the holiday season, people seem to be especially likely to fall prey to scams involving fake surveys offering great rewards in exchange for participation; surveys focused on holiday shopping sound real, especially when the survey email claims that the survey is sponsored by some online retailer with which the shopper just did business. DO not click links in surveys or open attachments – better yet, it is often best not to participate at all.
Good luck with your holiday shopping – and stay safe!