The holiday season can be both exciting and stressful. Between parties, gift giving and travel, it’s easy to get distracted and let your guard down. But now is the time to be on high alert and watch out for fraud, because nothing kills the holiday spirit like getting conned out of your hard-earned money.
Here’s how to protect yourself from this year’s top holiday scams that are easy to fall for.
1. Gift Exchange Scams
As if you needed one more reason to avoid Facebook: The social media site is host to a long-running holiday scam disguised as a secret Santa program. It’s the “secret sister” gift exchange, which promises that after donating at least one item worth $10 to a fellow participant, you’ll receive up to 36 gifts. However, the Better Business Bureau warns that the seemingly innocent gift swap is actually a pyramid scheme in the form of a digital chain letter and is considered illegal gambling. Not to mention that it provides scammers with your home address.
There are several variations of this scam floating around social media, including a wine exchange and children’s book exchange. So unless you personally know each person participating in a secret Santa exchange, steer clear.
2. Phony Shipping Notifications
Between Black Friday deals and late Christmas shopping, there’s a surge in online shopping during the holidays. That also means millions of valuable packages are hitting doorsteps, presenting an opportunity for scammers to go to work.
One of the biggest holiday scams shoppers might encounter this year is false shipping notifications intended to trick recipients into handing over sensitive personal information. For example, a scammer might send an email that looks as if it’s from UPS or FedEx, copying the company’s email template and logo so it looks legitimate. The email says your shipment is on the way and you need to arrange for delivery. However, when you click the link to update your shipping preferences, you download keystroke logging malware that tracks your computer activity so personal information such as credit card numbers can be stolen.
A low-tech notification scam comes in the form of paper “Sorry we missed you” notifications left on your door or mailbox. These, again, are designed to mimic official communication from shipping companies. However, if you call the number listed, fraudsters on the other end will attempt to get your bank account information.
3. Porch Pirates
Keep in mind that your packages are also susceptible to good old-fashioned theft. Nearly 26 million Americans reported having holiday packages swiped by porch pirates last year. Even delivery drivers have been caught nabbing packages from doorsteps and apartment lobbies they visited moments earlier.
To protect your online purchases from theft, consider requiring a signature for delivery so that packages aren’t left vulnerable. You can also have packages delivered to your work address or, in the case of Amazon, a designated pick-up locker rather than your home address. Or you might consider installing a motion-sensing security camera for your front door, such as Ring, to deter thieves or catch them in action.
4. Fake Charities
For many, the holiday season is a time to give back to the community. Unfortunately, it’s also prime time for scammers to take advantage of people’s generosity.
Be on the lookout for fraudulent charities that attempt to trick you into donating money. According to Tyler Moffitt, a senior threat research analyst for cybersecurity company Webroot, red flags to watch out for include aggressive pitches and high-pressure tactics, names that sound almost identical to established charities and spammy emails.
Moffitt said there are a few ways you can protect yourself from fake charity scams. For instance, if you’re donating to an organization you haven’t dealt with to before, look it up on Charity Navigator or Give.org first to make sure it’s legitimate. If you’re contacted by a charity over the phone, have it mail you a donation form to fill out and return rather than give your credit card information verbally.
If you’re dealing with a charity over email, check the sender’s email address as well as any links to make sure they match the organization’s official URL. Some scammers engage in spoofing, in which they disguise themselves as legitimate organizations. For example, you might get an email from Joe@habitatforhumanity.com ― but a quick Google search shows that the official website for that charity is habitat.org.
Finally, Moffitt said, no legitimate charity will request that you wire money or pay in gift cards.
5. Bogus Deal Sites
In the rush of holiday shopping madness, it can be tempting to grab a deal when you see one. But Scott Grissom, the chief product officer for LegalShield, said it’s important to beware of pricing that’s too good to be true. “Online scammers often set up dummy websites, auction listings or ads that offer popular items far below market value,” he explained. Some will send you a fake product, while others will simply take the money and run.
That’s why, he said, you should verify you’re shopping through a trusted retailer by checking the domain name in the browser. “Sometimes emails or online ads promising great deals will direct you to scam sites designed to look like a trusted retailer,” he said. One sure sign you’re on a legit site? The URL should begin with “https://” to indicate it’s secure. (That’s what the “s” stands for.)