
Twelve Frauds of Christmas

ICA Consultancy, Twelve Frauds of Christmas, eleventh day

On the eleventh day of Christmas, 

the malicious actors gave to me,

Eleven Data Breaches,

Ten Naughty Support Calls,

Nine Spoofed Delivery Notes,

Eight Dodgy Wi-Fis,

Seven Infected Greeting Cards,

Six Fake Charities,

Five Suspect Gift Cards,

Four Dodgy Retailers,

Three Investment Scams,

Two Fake Profiles,

And a phishing email in my inbox 

 

11. Personal Data Breaches:

  • What to watch for: Data breaches that expose personal information, such as contact or financial information. This may also include your username (email) and password. Look out for:

    • Unexpected account activity

    • Strange emails or texts claiming to be from known services

    • Unfamiliar transactions on your accounts

    • Login attempts from unknown locations

    • TIP: regularly check haveibeenpwned.com to see if your data has been compromised.

  • How to protect yourself: There are various actions you can take to manage the impacts of a breach of your personal data:

    • Monitor your accounts regularly for unauthorised activity and consider using a credit monitoring service.

    • Do not reuse passwords across different services (or at the very least consider using different passwords based on trustworthiness of the site).

      • Better still, use a password manager

    • Always use Two-Factor (also known as Multi-Factor) Authentication. Avoid using SMS-based Two-Factor wherever possible.

    • Be cautious with sharing personal information online

    • Keep software and apps updated

    • Be extra vigilant for follow-up scams



10. Tech Support Scams:

  • What to watch for: Let’s be frank, unless you are talking about your company’s technical team and company devices, no-one is monitoring your devices and proactively wanting to protect you. Look out for:

    • Unsolicited tech support calls or pop-ups claiming to detect malware on your computer.

    • Callers creating urgency or fear about your device's security

    • Requests for remote access to your computer

    • Pressure to purchase unnecessary software or services

    • Demands for payment in gift cards or cryptocurrency

  • How to protect yourself: 

    • Be cautious of unsolicited tech support calls or pop-ups

    • Do not click on any links associated with these notifications

    • Never provide personal information or remote access to your computer to unknown callers

    • Hang up immediately if you suspect a scam

    • Report suspicious calls to Action Fraud

 

9. Spoofed Delivery Notifications

  • What to watch for: Fake notifications that appear to be from legitimate carriers, often linking to malware or phishing sites. These may also be in the form of a physical card with a QR code to scan. Look out for:

    • Unexpected delivery notifications (from carriers or senders you don't recognise)

    • Suspicious sender email addresses

    • Requests for personal or payment information

    • Generic greetings (Sir/Madam)

  • How to protect yourself: These can be hard to spot, especially when you may be expecting many deliveries in the run-up to Christmas:

    • Consider whether you are actually expecting a delivery.

    • Check the sender's email address by hovering your mouse over the sender's name.

    • Look up the delivery company’s details through their website and contact them directly to confirm if this is legitimate.

    • Use official apps to track delivery

    • If in doubt, do not scan QR codes or click on links.

 

8. Public Wi-Fi Scams:

  • What to watch for: Spoofed public Wi-Fi networks that can be used to intercept data.

    • Fake Wi-Fi networks mimicking legitimate ones

    • Man-in-the-middle attacks stealing your data

    • Password and banking details interception

    • Malware distribution through compromised networks

  • How to protect yourself: If you use public Wi-Fi:

    • Use a VPN when connecting to public Wi-Fi

    • Verify network names with staff

    • Avoid accessing sensitive information on public networks

    • Enable your phone's mobile data instead when possible

    • Ensure you are accessing a site securely: check for 'HTTPS' at the start of the website address

 

7. Malware-laden Holiday Emails:

  • What to watch for: E-cards or greeting cards containing malicious links or attachments. Be suspicious of:

    • Unexpected e-cards from unknown senders

    • Pressure to open immediately

    • Generic greetings or odd sender addresses

    • Requests to download software to view the card

  • How to protect yourself: Be cautious of unsolicited e-cards or greeting cards, especially those with attachments or links. Avoid clicking on links or opening attachments from unknown senders.

    • Verify the sender through another channel

    • Hover over links before clicking

    • Use updated antivirus software

    • If in doubt, throw it out! (bin it)

 

6. Fake Charity:

  • What to watch for: Fake charities soliciting donations, often using emotional appeals. Look out for:

    • Urgency to donate immediately

    • Only accepting specific payment methods (like wire transfers)

    • Spelling errors in charity names or communications

    • No registered charity number

    • Unsolicited contact via email or social media

  • How to protect yourself: Research charities on the Charities Commission website before making donations. If you want to donate, do so through the charity's official website, not through links in emails, and use secure payment methods. Do not be manipulated into making donations through undue emotional pressure.


5. Gift Card Scams:

  • What to watch for: Requests to purchase gift cards as payment for goods or services. These could appear to come from the government, a family member, a utility company, or a romance fraudster, among others.

    Also watch out for too-good-to-be-true gift card deals.

  • How to protect yourself: Be wary of requests for gift card payment, especially from unknown or suspicious sources. Legitimate businesses typically don't request gift card payments.

    If you are buying gift cards for yourself or for others as a gift, do your research, make sure you are using secure payment options, and buy them from reputable sites.

 

4. Fake Online Shopping Websites:

  • What to watch for: Counterfeit online stores. Look out for:

    • Goods sold at suspiciously low (too-good-to-be-true) prices

    • Pressure tactics ("Only 1 left")

    • Unsecured website (no padlock/https)

    • Limited contact information or ways to contact the store

    • Odd or suspicious domain names

    They may even impersonate real stores, using what looks like the same interface/shop front and logos.

  • How to protect yourself: Research online retailers before making purchases. Look for:

    • reviews (away from their site)

    • trust seals/padlocks

    • secure payment options

    • Trust your instincts - if it seems too good to be true, it probably is.

 

3. Investment Scams:

  • What to watch for: Unsolicited offers for high-return investments, often related to cryptocurrency, stocks, or other financial instruments. These could extend to Christmas Savings Club scams.

    This includes the rise in deepfakes (AI-produced videos) of trustworthy people promoting the (scam) investment. Recently Martin Lewis was impersonated in a video promoting an investment scam.

  • How to protect yourself: Research investment opportunities carefully and be wary of unsolicited offers or promises of high returns.

    • Speak to a reputable financial advisor to ensure your money is well invested

 

2. Social Media Scams:

  • What to watch for: Fake profiles, which may include phishing links, and fraudulent giveaways.

  • How to protect yourself: Be cautious of unsolicited messages and links on social media. Avoid clicking on links from unknown sources and be wary of offers that seem too good to be true.

    Profiles are often set up to harvest contact information, or to gain likes and follows, which they later sell on with that profile.

    If the profile looks like someone you know, double-check that it is really them. For example, is there more than one profile set up for that individual?

    • Do you have mutual connections?

    • How old is the profile, has it recently been set up?

 

1. Phishing Emails:

  • What to watch for: Emails that mimic legitimate companies or individuals, often containing urgent requests, attachments, or links. Some examples include:

    • Failed payment for a service such as Netflix, Disney+ etc

    • Account suspension or suspicious activity on your account

    • Missed Delivery Notification

  • How to protect yourself: Be cautious of unexpected emails, especially those with attachments or links. Verify the sender's address and avoid clicking on links or opening attachments from unknown sources.

    Double-check sender details through a trusted source, like their website. If in doubt, contact them using the contact information on their website or a trusted phone number. Do not use details within the email itself.


However you spend the festive period, make sure you stay vigilant and look for signs of the Twelve Frauds of Christmas. This will ensure you can enjoy a safe and joyous festive period.


Check back tomorrow for the last update of the Twelve Frauds of Christmas.

