As the festive time approaches, McAfee is warning people to be on the look out for a whole host of scams and online attacks.

Ironically, the season of goodwill can be one of the most dangerous times to be online, as cybercriminals take advantage of the holiday season to steal consumers’ money, identities and personal and financial information.

Jeff Green, senior vice president of McAfee Labs, said:
“Cybercriminals’ use their best schemes during the holidays to steal people’s money, credit card information, social security number and identity. These thieves follow seasonal trends and create holiday-related websites, scams and other convincing e-mails that can trick even the most cautious users.”

So McAfee have listed the top 12 scams of Christmas.

• Number one is the invidious charity phishing scam. At Christmas, many people’s minds turn to giving to charity and this is also the time when the number of phishing emails that seem genuine – but are in reality bogus and designed to steal donations, credit card information and the identities of donors – jump dramatically.
• Number two concerns companies who are extremely busy during the festive season with orders and aren’t always as observant as they should be. Cybercriminals are adept at sending out fake invoices and delivery notifications appearing to be from the large courier companies, but which are designed to obtain credit card details to credit back the account (money for nothing in effect), or require users to open an online invoice or customs form to receive the package. And once that is completed, the person’s information is stolen or malware is automatically installed on their computer.
• Number three is when cybercriminals exploit people on social networking websites. Christmas is a time when people often communicate and catch up on things, and as such, they are open to attack. Hackers send out genuine looking “New Friend Request” e-mails from social networking sites, but many users fail to realise that there are often platforms for all types of viruses.
• Number four is the popularity of holiday e-cards at this time of year. McAfee discovered last Christmas a worm masked as Hallmark e-cards and McDonald’s and Coca-Cola holiday promotions.
• Number five is about offers that appear to be a really good deal. Recently McAfee uncovered a new holiday campaign that leads shoppers to malware-ridden sites offering luxury gifts from Cartier, Gucci, and Tag Heuer with apparent huge discounts. The products never existed of course, but the cybercriminals use such tactics to part people with their personal and financial details, and then their money.
• Number six – online shopping has exploded over the recent years, but those people who use hotspots (found in cafes, airports and hotels) should be careful if they make purchases then and there. Users on open hotspots can be spied by hackers who can then steal personal and financial information. McAfee reminds people that they should never shop online from a public computer or on an open Wi-Fi network.
• Number seven is another scam which dispassionately exploits people at Christmas. Those searching for a holiday ringtone or wallpaper, Christmas carol lyrics, or a festive screensaver, can be directed towards bogus websites which contain files, to be downloaded, that infect a user’s computer with spyware, adware or other malware.
• Number eight is another scam which targets people who are especially vulnerable. Out of work people can become especially desperate in the approach to a holiday season to try and obtain work, in order to afford Christmas. Cybercriminals are quick to promise of high-paid jobs and work-from-home moneymaking opportunities. But, of course, once interested persons submit their information and pay their “set-up” fee, hackers steal their money instead.
• Number nine is scams which involve cybercriminals preying on auction sites which become especially busy during the holiday periods. The solution here is for buyers to be very cautious about what goods they are buying and who from. Basically, if it looks a great deal, then be sceptical.
• Number ten is a perennial problem: the password stealers. To do most things on the internet requires a password; anyone who copies that password can then masquerade as a particular person, download their financial and personal details, and even order goods on their behalf. Passwords are stolen in a number of ways, not least pieces of code, malware, which record keystrokes and key logging activities. These can then be used to calculate a given password.
• Number eleven is another perennial: email banking scams which tend to increase during a holiday period, as the logic goes that people are more anxious to ensure they don’t get locked out of their account during busy purchasing times. It involves tricking customers in revealing their bank details by sending official-looking e-mails from financial institutions. The email, which is usually quite a good copy of the real thing, asks users to confirm their account information, including a user name and password, with a warning that their account will become invalid if they do not comply.
• Number twelve is the increasingly used ransom scam. Using several holiday scams, hackers gain control of people’s computers and then act as virtual kidnappers to hijack computer files and encrypt them, making them unreadable and inaccessible. The scammer’s pitch is then simple: pay me money and I will release your computer’s files. Straightforward and effective, but particularly nasty.

Guest Article by Neil Camp 

Related posts:

1. Clampi Virus Targets Online Banking
2. McAfee Identifies Most Dangerous and Safest Web searches
3. Things worse say McAfee
4. UK Cybercrime Growth
5. McAfee Establishes Cybercrime Response Unit