12 Holiday Cyber Scams to Watch Out For

By Jill Krasny

As more consumers pick up their smartphones and tablets to go holiday shopping, cyber crooks are trying just about everything to dupe them out of their hard-earned money.

Forty percent of identity theft victims were targeted while making online purchases in 2011, according to an identity fraud report by Javelin Strategy & Research. Meanwhile identity fraud increased by 13 percent, with more than 11.6 Americans falling prey to the scams.

To keep you protected, we asked Robert Siciliano, online security expert for the software company McAfee, to list off the season's hottest scams and how to avoid them.

Phony E-tailers

The saying "if it looks too good be true, then it probably is" applies here. To set up their phony shops, scammers grab HTML code from a well-known site, then "sell" similar merchandise at a larger discount, explains Siciliano. But buyer beware: "Once you pay, they have the customer's information and you'll never receive the product," he says. Then before you can blink an eye, they'll start racking up charges on your dime. Clearly you shouldn't bother with these sites in the first place, but if you're concerned you've come across a Best Buy or Target imposter, check for misspellings, weird urls and "an overall dysfunctional site," says Siciliano.

Mobile Malware

With 33 percent of apps asking for more info than they might ever need, you can never be too careful, Siciliano says. If you've purchased the app from iTunes or Google, chances are it's been vetted for any suspicious activity. But if you bought it from a third party site, there's a good chance you'll download some malware. "These apps haven't been properly vetted for having a malicious component, so they might be used to spy on your device, see what text messages you send, what apps you click, and most importantly your username and passwords," he says. And they're definitely after your Social Security and credit card numbers, he adds. "They'll do anything to get paid."

Social Media Traps

"Criminals are setting up fake profiles on Facebook and Twitter, and those pages often have a number of dangerous things, one being that they're infected and once you start clicking those links, they'll infect your device," says Siciliano. Even worse, these links are often designed to get you to spill your personal info. Don't fall for it.


Much like the social media trap, these text or email messages offering discounts are nothing more than a big fat hoax. They'll lure you to click a link and before you know it you'll wind up on a shady site or have downloaded spyware onto your device.

Bogus Gift Cards

Say what you will about gift cards, but those pieces of plastic are still a popular gift. With so many people snapping them up, scammers are rigging third party sites to sell fakes or manipulating the cards at stores and voiding them, says Siciliano. To dodge the scam, only buy the cards kept behind the counter in stores, or buy them at a mall kiosk so you know that you're getting the real thing.


Even hilarious e-cards are prone to criminal mischief sometimes. "Some of these are being used to infect your device and often have links to get you to download something or disclose your personal info," Siciliano says. "You'll want to really delete these and just tell people you prefer to receive paper cards."

If the card was sent in a zip file, be especially wary, he adds.

The Hot Holiday Gift Scam

Every season has its trendy gift du jour: Last year's was the iPhone, and this year the iPad Mini will reign supreme. Con artists love to set up fake websites around these products, offering discounts that are really just a scam in disguise. Don't shop, don't click and never give out your info.

Fake Charities

With nearly 1,000 domain names on the books, fake charities are a dime a dozen these days. "It's very impossible to determine whether the site is real or fake," says Siciliano, but "usually you'll get an email asking you to send a donation. Don't click it."

iTunes Gift Card Scams

Even the almighty Apple store isn't immune from a con. If your iTunes account has been compromised, criminals might try to use that information to load up new gift cards, then sell them to unsuspecting consumers, Siciliano says. The charges will appear soon enough, but it's important to act fast and notify Apple and your card issuer of the fraud. "We've been seeing this scam for years now, but it pops up more around this time of year," he says.

Online Coupon Scams

Like a third party retail store, these scams look legit on the surface but ask for way too much information from shoppers. Steer clear.

Fake Classified Ads

Many people choose to buy and sell items via classified ads, often selling items second hand to get more money for gifts. But beware of phone classifieds that ask you to wire money via Western Union or Moneygram, warns Siciliano. "Most of these sites are free and attract criminals because they are free."

Your Email's Spam Folder

Care for some spam with that season's greeting? Sweeping your spam folder might sound insanely productive, but most of the time these emails spell nothing but trouble. "It's important that you don't visit your spam folder, because that's where people often think legit emails are going," Siciliano says. "Instead just delete these and don't ever click the links in the body of an email from an unsolicited sender."

See more on Credit.com:

Increase your money and finance knowledge from home

Goal Setting

Want to succeed? Then you need goals!

View Course »

How to Avoid Financial Scams

Avoid getting duped by financial scams.

View Course »

Add a Comment

*0 / 3000 Character Maximum


Filter by:
Fiona Smith

Hi - we just fell victim to usgiftcodes.com. Also a scam - do not use! They took our money and converted at a much higher rate than the daily xe.com exchange rate and sent us non-functioning codes. We have attempted to contact them on may occasions and they are refusing to respond to our calls for functioning codes or a refund of our money. In addition we posted feedback on their site which has been removed. They clearly know what they are doing and are just ripping customers off. Please add this site to your list of scam sites!

February 04 2015 at 2:20 AM Report abuse rate up rate down Reply

Just that 't looks too good" DON'T be an idiot. Everyone wants a get rich quick bit. Only it never plays out. Don't EVER open a link or email U don't recognize! oh btw can u send me a few bucks? lol....

December 13 2012 at 9:05 AM Report abuse rate up rate down Reply

...And that includes AOL's deceitful ads and so-called 'reporting',

December 13 2012 at 6:27 AM Report abuse rate up rate down Reply

In a nutshell, DO NOT CLICK ANY LINKS IF YOU DO NOT KNOW THE SENDER. I get e-mails telling me that my American Express account has been compromised or my Wells Fargo account, funny thing is, I do not do business with either of these establishments.

December 13 2012 at 5:34 AM Report abuse rate up rate down Reply

I constantly get emails from "PayPal" wanting me to VERIFY my data, or telling me that my account is frozen. . I DELETE IMMEDIATELY. Then I got an email from "AOL" offering a great deal on a security package and a program to speed up my computer. STUPIDLY, I clicked on the link and was taken to a site that looked exactly like the official AOL site. I then proceeded to purchase antivirus AND something else that totaled $150.00!!!! Then I began to have a rather "sick" feeling that something was WRONG; so I called the REAL AOL, only to discover that I HAD BEEN SCAMMED!! I immediately called my credit union and blocked my Debit Card. It was a real hassle - waiting for the new card to arrive, dealing with the FAKE AOL, threatening them with legal action. Problem is, by the time you can track them down - they've shut down and opened up another site. Thanks to Visa, I did not have to suffer any financial losses but the headaches of dealing with all of this was a real PAIN!! BE CAREFUL ABOUT THE WEB SITES YOU VISIT. This AOL site looked exactly like the real one. The ONE thing that let me know it was a ripoff was when I was talking to them. THEY ASKED FOR MY PASSWORD - SOMETHING AOL WILL NEVER DO. REMEMBER THAT. JUST BE REALLY CAREFUL. NEVER USE A LINK CONTAINED IN AN EMAIL - GO TO THE SITE ON YOUR OWN

December 12 2012 at 11:22 PM Report abuse rate up rate down Reply
1 reply to jumeaujs1's comment

I delete all spam, including AOL's pretentious and deceitful ads that come in through my inbox.

December 13 2012 at 6:28 AM Report abuse rate up rate down Reply

some advice - dont give anymoney to anyone.or anything - and if u do get scammed..U deserve it and who cares seriously...Whoever gets scamm - i thank there stupid and need to be scam so hahaha...

December 12 2012 at 6:01 PM Report abuse rate up rate down Reply
2 replies to kysteve66's comment

Thank you for the comment. NO ONE deserves to be scammed. I am NOT some fool. This site looked exactly like AOL - everything was the same as when I'd been to the site on my own. So, there are times when even computer savvy people can get scammed. So, remember your own words when this happens to YOU.

December 12 2012 at 11:32 PM Report abuse rate up rate down Reply

You thank there? And you call them stupid? really? HAHAHAHAHAHAHAHA! Thanks for the laugh!

December 13 2012 at 5:35 AM Report abuse rate up rate down Reply

Great article,read an interesting whitepaper about this very topic ' Wire fraud and identity theft Risks and prevention for banks and consumers' ,it offers good information readers will find it very helpful @ bit.ly/UavIbD

December 12 2012 at 9:39 AM Report abuse rate up rate down Reply
1 reply to AdityaJayaram's comment

An ad keeps popping up on my AOL homepage from a web site called "Nomoreracks.com". The prices on the merchandise are WAY too good to be true so I decided to check them out. Out of 275 reviews, 274 were really bad. Everything from bait and switch to not giving refunds and making customers pay for their own return shipping. Rude customer service reps, not returning e-mails, not answering phones, etc. I did report the possible fraud to AOL.

December 12 2012 at 2:09 PM Report abuse rate up rate down Reply