McAfee spotlights the '12 scams of christmas' to keep consumers digital lives safe

1 November 2013 Information Security, Products & Solutions

McAfee has released its annual '12 Scams of Christmas' list to educate the public on the most common scams that criminals use during the holiday season to take advantage of consumers as they shop on their digital devices. Cybercriminals leverage these scams to steal personal information, earn fast cash, and spread malware.

This year, holiday shopping sales are expected to soar to an estimated $602 billion. E-commerce sales are predicted to rise 15% compared to last year’s digital sales to more than $60 billion, with m-commerce comprising 16% of this number. Consumers should ensure that they are taking all precautions to protect the data saved on their devices.

To help consumers stay alert for greedy Grinches as they surf the Web for holiday travel deals and seek out gifts for their loved ones, McAfee has identified this year’s top '12 Scams of Christmas':

* Not-so-merry mobile apps — official-looking software for holiday shopping, including those that feature celebrity or company endorsements, could be malicious, designed to steal or send out your personal data. Criminals can redirect incoming calls and messages, offering them the chance to bypass two-step authentication systems where the second step involves sending a code to a mobile device.

* Holiday mobile SMS scams — FakeInstaller tricks Android users into thinking it is a legitimate installer for an application and then quickly takes advantage of the unrestricted access to smartphones, sending SMS messages to premium rate numbers without the user’s consent.

* Hot holiday gift scams — advertisements that offer deals on must-have items, such as PS4 or Xbox One, might be too good to be true. Clever crooks will post dangerous links, phony contests on social media sites, and send phishing e-mails to entice viewers to reveal personal information or download malware onto their devices.

* Seasonal travel scams — phony travel deal links and notifications are common, as are hackers waiting to steal your identity upon arrival. When logging into an infected PC with an e-mail username and password, scammers can install keylogging spyware, keycatching hardware, and more. A hotel’s Wi-Fi may claim that you need to install software before using it and instead infect your computer with malware if you 'agree'.

* Dangerous e-seasons greetings — legitimate-looking e-cards wishing friends 'Season’s Greetings' can cause unsuspecting users to download 'Merry Malware' such as a Trojan or other virus after clicking a link or opening an attachment.

* Deceptive online games — before your kids are glued to their newly downloaded games, be wary of the games’ sources. Many sites offering full-version downloads of Grand Theft Auto, for example, are often laden with malware, and integrated social media pages can expose gamers, too.

* Shipping notifications shams — phony shipping notifications can appear to be from a mailing service alerting you to an update on your shipment, when in reality, they are scams carrying malware and other harmful software designed to infect your computer or device.

* Bogus gift cards — an easy go-to gift for the holidays, gift cards can be promoted via deceptive ads, especially on Facebook, Twitter, or other social sites, that claim to offer exclusive deals on gift cards or packages of cards and can lead consumers to purchase phony ones online.

* Holiday SMiShing — during the holidays, SMiShing is commonly seen in gift card messages, where scammers pose as banks or credit card companies asking you to confirm information for 'security purposes'. Some even include the first few digits of your credit card number in the SMS message to fool you into a false sense of safety.

* Fake charities — donating to charities is common this time of year for many looking to help the less fortunate. However, cybercriminals capitalise on this generosity, especially during natural disaster events, and set up fake charity sites and pocket the donations.

* Romance scams — with so many niche dating sites now available to Internet users, it can be difficult to know exactly who the person is behind the screen. Many messages sent from an online friend can include phishing scams, where the person accesses your personal information such as usernames, passwords, and credit card details.

* Phony e-tailers — the convenience of online shopping does not go unnoticed by cyber scrooges. With so many people planning to shop online, scammers set up phony e-commerce sites to steal your money and personal data.

To keep consumers protected and ensure a happy holiday season, McAfee has shared additional safety tips:

Review apps 

Review mobile apps carefully before downloading. Check the comments section and confirm the app’s legitimacy directly with the parties that the software claims are involved. Double-check that the 'download' button is legitimate when attempting to install new apps on your phone. Use antivirus software and learn more about FakeInstaller here.

Deals and steals

If an offer seems too good to be true, it probably is. Purchase directly from the official retailer rather than from third parties online. Do your best to verify 'low' prices on this season’s biggest sellers.

Check gift cards that you receive for suspicious misspellings in the sender’s name or the name of the card company itself. Double-check IP addresses on the sites you use for shopping and look at customer reviews to verify an e-tailer’s legitimacy.

Always check the domain name on shipping notification alerts and be cautious of any that you receive when you have not sent a package or requested them. Only download or buy games from reputable websites. Check in with retailers about the legitimacy of a deal you see advertised and talk to your children about how to spot and avoid online potential scams.

Research before sharing

Banking and credit card companies should never ask you for personal information via text message. If you receive such a message, contact your bank directly via phone, secure website, or in-person. Some other specific examples include:

* Log on to trustworthy dating sites when looking for love online and be wary about sharing personal information of any kind to websites or individuals you encounter online.

* Do background research on the charity you’d like to donate to and think before sharing any type of personal information on a website that looks suspicious.

Be cautious when travelling

Before travelling, make sure that all of your software is up-to-date and run a virus scan. If you’re asked for a username and password after clicking a link, try using a fake input on the first login attempt. The extra few seconds it takes to load confirms that the page is actually looking for valid username/password combinations; scam sites will let you right in.

If you do plan to search for deals online, use apps or open shopping related emails, make sure your entire household’s devices have protection.





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Want effective Attack Surface Management? Think like an attacker.
Information Security
Effective ASM requires companies to think like attackers, anticipate risks, and act decisively to reduce exposure by knowing their environment, deploying a structured approach, leveraging capable tools, and addressing both internal and external risks.

Read more...
Secure, modernise and optimise CCTV
Surveillance Products & Solutions
Industrial and commercial organisations are navigating complex digital transformation processes. With SecuVue, companies can bridge the gap between operational technology and information technology for safer, smarter operations.

Read more...
The growing role of hybrid backup
Infrastructure Information Security
As Africa’s digital economy rapidly grows, businesses across the continent are facing the challenge of securing data in an environment characterised by evolving cyberthreats, unreliable connectivity and diverse regulatory frameworks.

Read more...
POPIA non-compliance puts municipalities at risk
Information Security Government and Parastatal (Industry)
Digital responsibility must go beyond POPIA compliance to recognising that privacy and service delivery are fundamentally linked. Despite this, only 51 out of 257 municipalities submitted their mandatory data protection and access to information reports in 2024.

Read more...
Choicejacking bypasses smartphone charging security
News & Events Information Security
Choicejacking is a new cyberthreat that bypasses smartphone charging security defences to confirm, without the victim’s input or consent, that the victim wishes to connect in data-transfer mode.

Read more...
Most wanted malware
News & Events Information Security
Check Point Software Technologies unveiled its Global Threat Index for June 2025, highlighting a surge in new and evolving threats. Eight African countries are among the most targeted as malware leaders AsyncRAT and FakeUpdates expand.

Read more...
Water mist for optimal fire suppression
Fire & Instrument Services Fire & Safety Products & Solutions
Building owners, facility managers and other professionals are seeking fire suppression solutions that can meet the demands of modern buildings and facilities, including reduced water usage and environmental impact, while providing the necessary protection for assets and business operations.

Read more...
Smoke 'em out
Fire & Safety Products & Solutions
The moment an intrusion is detected, Smoke Screen’s high-powered fog cannons activate, flooding the area with a dense, harmless fog that reduces visibility to near zero within seconds.

Read more...
Welcome to the new cyber battleground
Information Security
The Iran-Israel conflict is rapidly redefining modern warfare, pushing the boundaries of cyber capabilities and creating a new, borderless digital battlefield. Fortinet’s CISO, Dr Carl Windsor, offers a critical, in-depth analysis of the escalating tactics and global implications in his latest report.

Read more...
IoT innovation in water mist fire protection
Fire & Safety Products & Solutions IoT & Automation
Marioff, a provider of water mist fire protection, has introduced an Internet of Things (IoT) solution designed for high-pressure water mist systems, enabling real-time monitoring, smart alerts, and centralised control.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.