Watch Out for Cyber Attacks this Holiday Season

watch out for cyber attacks this holiday season

Cyber security is something we all need to worry about, but the holiday season may make us more vulnerable to certain kinds of cyber attacks, most of which revolve around holiday shopping.

Here are some of the scams that tend to show up this time of year:


The target of e-skimming is company’s online stores. The attackers tend to go for medium-sized companies that have a good number of customers but don’t have the cybersecurity resources of, say, Amazon. They insert malicious code into the shopping cart that harvests personal information when you buy something. While there is only so much you can do, using a strong password or passphrase is helpful.

Public Wi-Fi Problems

If you shop in the store, you might think you are safe from cyberattacks. However, with more and more people hooking up a device to the internet during their shopping trip, whether while taking a break or to compare prices on an item, scammers have a window. Malls and stores offer free wi-fi, and this can be compromised. Public wi-fi can be vulnerable to hackers, and rogue operators may also set up fake wi-fi networks, tricking you to connecting to them instead. Avoid connecting to public wi-fi, and if you must, be very careful what you do on it. Never do financial transactions over public wi-fi and if you use it regularly consider getting a VPN.

Scammy Social Media Promotions

We’re all looking for deals this time of year. And promotions show up all over social media. They might offer free gift card codes, free giveaways, massive discounts on items. In some cases these promotions are designed to trick you into clicking on an infected website. They might also be trying to get your personal information in exchange or a free item that is either extremely cheap or doesn’t even exist. If a promotion looks too good to be true, it is.


Phishing spikes around the holiday season, particularly in certain areas. The following are particularly common:

  • Promotions or giveaways that are too good to be true, as the social media promotions above.
  • Fake notices from your bank telling you a large purchase was made. As a note, if you are a victim of credit card fraud, your bank will call you, not email you, and if they do you should always hang up and call the number on the card, rather than talking to the person who called them.
  • Phony invoices, shipping status alerts, receipts, or order cancellation notices for goods you never ordered or purchased. All of these come with malicious links that if you click on them will take you to the scammer’s site. Often these are attempts to harvest login credentials for major e-commerce sites. If you know you didn’t order the item, ignore the notice. If it’s a real shipping status alert for a gift, then you should be able to check with the person who sent it to you.

Cloned Websites

Website cloning is when the scammers reverse engineer a copy of a real website. It’s often extremely hard for even tech savvy users to realize they are on a clone. E-commerce sites are common victims of website cloning. The scammers will buy a URL that is one character away from the original (typo squatting) and then buy Google ads so it shows up higher. Or they will hack the actual site and add redirects. (Be aware that this is also a common travel scam, usually victimizing hotels and people booking rooms). If you do fall victim to a clone, disputing the charges with your credit card company will usually get you redress.

The holiday season is a time when we’re all stressed and rushed, and scammers will take advantage of that. Be particularly careful. Don’t click on links in email, don’t get fooled by too-good-to-be-true promotions and make sure you’re on the site you think you are on.

For more cyber security advice, contact 4 Corner IT.

The Newest Extortion Scams Are Using Your Own Passwords as Bait

the newest extortion scams are using your own passwords as bait
Using Your Passwords

As internet scams become more and more sophisticated extortion scammers have found another new piece of bait by which to hook internet users and that is with their old passwords. These extortion schemes often claim that someone has the person’s compromising information and that they are happy to help get that information back if the person is willing to pay them to do so.

Fearing that their information is going to be compromised, the person coughs up the cash in order to protect information that the person claimed they should protect. The catch? The entity that they claim meant harm never had any of the person’s information in the first place. People are then led to believe that there are scammers burrowed deep in their computers and that they are getting a hold of the person’s private information. Many scammers are even requiring the payments to be made in Bitcoin or they won’t go about doing “the job” of stopping these people who are said to have the person’s personal information (really they don’t have their information at all – the said person burrowing in the person’s computer doesn’t even exist).

What Can I Do To Avoid Being Scammed?

The following advice is offered to people who have had issues with these kinds of scammers in the past to help them avoid having issues with these same scammers in the future:

  • Scammers will generally want to rush the person into making hasty decisions and will pressure you to pay them immediately for their “services”. However, if you have any feelings that the person with whom you are talking is not for sure authentic, authorities encourage you not to give them any information as it encourages them to keep on scamming other people after they are successful with you.
  • Change your passwords immediately once you realize that you have been scammed. Moreover, use different passwords for all online accounts and be sure to require Two-Factor Authorization when it’s an option.
  • Do not have any further communication with anyone who you think is a scammer.
  • Always update your antivirus software and other operating systems to give the scammers less of a chance at getting at your personal information.
  • Cover your webcam at all times when you are not using the device.

Remember, scammers only need to be successful with a fraction of the people with whom they engage in order to be successful at what they do. They will make this a lucrative process which will only continue encouraging them to scam more and more innocent, unassuming people into believing their lies.

In the end, the next scamming issue is the fact that these people claim to have your old passwords and will use that as bait to try to get you to pay them to help “protect your personal information” as they will claim. In these cases, these people don’t have any of your personal information in the first place. They are simply scammers out trying to get money off of you and they will do absolutely nothing for you in return.

For more information on the latest scams that you need to watch out for please feel free to contact us at 4 Corner IT for further assistance.