Don't get scammed this holiday season. Here's what to watch out for

Jon Healey, Los Angeles Times on

Published in Business News

Scammers may be ever present online, but when the holidays roll around, they go into high gear.

That's because "all of the stars align" for bad actors, said Mark Ostrowski of Check Point Software, an online security company. The shopping rush, big sales and charity appeals create a slew of opportunities for scammers to entice people to click on malware boobytraps, reveal sensitive personal information and cough up cash in response to deceptive emails and texts.

You don't have to be a Grinch to protect yourself against these fraudsters, but you do have to treat the unsolicited emails and texts you receive skeptically — something you should be doing year-round, frankly. While you're at it, keep in mind what scammers like to do during the holidays, and how your actions online will inevitably expose you to more risk.

Here are some tips from Ostrowski, Norton researcher Kevin Roundy, and other experts about the holiday scams to be on the lookout for and the sorts of practices that can keep you safe.

Shipping scams

In the days before Amazon, holiday shopping meant shouldering your way through the crowds at the mall or local shopping district. And for the hard-core bargain-seekers among us, it meant spending hours in line before dawn, hoping for a chance at an insanely low-priced TV or game console.


Some of that still happens — witness the frenzy two years ago by people trying to land a Sony Playstation 5 — but a good chunk of the in-person holiday shopping has given way to online sales. That means more people are looking for deals online and having packages shipped to their homes, which means more chances for scammers to pretend to be new online retailers or to impersonate well-known shipping services.

Check Point's research arm estimated that 1 of every 6 malicious emails sent in the first 10 days of this month were shipping scams. These often convey urgency to get you to click on a link heedlessly — for example, by saying there's a problem with your delivery that you need to address right away. And by clicking on that link, you'll either download malware onto your device or be taken to a site that tries to wheedle sensitive personal information out of you.

These scams are common because they are effective. Is there anything harder to resist than a text supposedly from UPS offering a link to a tracking number? Or from FedEx saying you have a "delivery exception"? I think not. But resist you must.

You can try to identify fraudulent emails by carefully checking the sender's address for a domain that doesn't match the shipping company's, or by combing the email for spelling and grammatical errors. Better yet, just ignore the emails and go instead to the shipping company's website, where you can enter the tracking number the retailer provided with your purchase. Any information you'll need about your package can be found, safely and easily, that way.


swipe to next page
©2022 Los Angeles Times. Visit at Distributed by Tribune Content Agency, LLC.


blog comments powered by Disqus