McAfee, Inc. warns consumers about"the twelve scams of Christmas," or popular online attacks this holiday season

Published December 16th, 2009 - 02:21 GMT

As cybercriminals begin
to take advantage of the holiday season, McAfee, Inc. (NYSE: MFE)
revealed the "Twelve Scams of Christmas" - the twelve most dangerous
online scams that computer users should be cautious of this holiday
season. According to Consumer Reports' 2009 State of the Net Survey,
cybercriminals have bilked $8 billion from consumers in the past two
years, and McAfee warns consumers not to fall victim to the top scams
this year.

"Cybercriminals' use their best schemes during the holidays to steal
people's money, credit card information, social security number and
identity," said Jeff Green, senior vice president of McAfee Labs. "These
thieves follow seasonal trends and create holiday-related Web sites,
scams and other convincing e-mails that can trick even the most cautious


McAfee's Twelve Scams of Christmas


Scam I: Charity Phishing Scams - Be Careful Who You Give To

During the holiday season, hackers take advantage of citizens'
generosity by sending e-mails that appear to be from legitimate
charitable organizations. In reality, they are fake Web sites designed
to steal donations, credit card information and the identities of


Scam II: Fake Invoices from Delivery Services to Steal Your Money

During the holidays, cybercriminals often send fake invoices and
delivery notifications appearing to be from Federal Express, UPS or the
U.S. Customs Service. They e-mail consumers asking for credit card
details to credit back the account, or require users to open an online
invoice or customs form to receive the package. Once completed, the
person's information is stolen or malware is automatically installed on
their computer.


Scam III: Social Networking - A Cybercriminal "Wants to be Your Friend"

Cybercriminals take advantage of this social time of the year by sending
authentic-looking "New Friend Request" e-mails from social networking
sites. Internet users should beware that clicking on links in these
e-mails can automatically install malware on computers and steal
personal information.


Scam IV: The Dangers of Holiday E-Cards
Cyber thieves cash in on consumers who send holiday e-cards in an effort
to be environmentally conscious. Last holiday season, McAfee Labs
discovered a worm masked as Hallmark e-cards and McDonald's and
Coca-Cola holiday promotions. Holiday-themed PowerPoint e-mail
attachments are also popular among cybercriminals. Be careful what you
click on.


Scam V: "Luxury" Holiday Jewelry Comes at a High Price

McAfee Labs recently uncovered a new holiday campaign that leads
shoppers to malware-ridden sites offering "discounted" luxury gifts from
Cartier, Gucci, and Tag Heuer. Cybercriminals even use fraudulent logos
of the Better Business Bureau to trick shoppers into buying products
they never receive.


Scam VI: Practice Safe Holiday Shopping - Online Identity Theft on the

Forrester Research Inc. predicts online holiday sales will increase this
year, as more bargain hunters turn to the Web for deals. While users
shop and surf on open hotspots, hackers can spy on their activity in an
attempt to steal their personal information. McAfee tells users never to
shop online from a public computer or on an open Wi-Fi network. 

Scam VII: Christmas Carol Lyrics Can Be Dangerous - Risky Holiday
During the holidays, hackers create fraudulent holiday-related Web sites
for people searching for a holiday ringtone or wallpaper, Christmas
carol lyrics or a festive screensaver. Downloading holiday-themed files
may infect one's computer with spyware, adware or other malware. McAfee
found one Christmas carol download site that led searchers to adware,
spyware and other potentially unwanted programs. 

Scam VIII: Out of Work - Job-Related E-mail Scams

The U.S. unemployment rate recently spiked to 10.2 per cent, the highest
level since 1983. Scammers are preying on desperate job-seekers in the
poor economy, with the promise of high-paying jobs and work-from-home
moneymaking opportunities. Once interested persons submit their
information and pay their "set-up" fee, hackers steal their money
instead of following through on the promised employment opportunity.

Scam IX: Outbidding for Crime - Auction Site Fraud

Scammers often lurk on auction sites during the holiday season. Buyers
should beware of auction deals that appear too good to be true, because
often times these purchases never reach their new owner.


Scam X: Password Stealing Scams

Password theft is rampant during the holidays, as thieves use low-cost
tools to uncover a person's password and send out malware to record
keystrokes, called keylogging. Once criminals have access to one or more
passwords, they gain vast access to consumers' bank and credit card
details and clean out accounts within minutes. They also commonly send
out spam from a user's account to their contacts.


Scam XI: E-Mail Banking Scams

Cybercriminals trick consumers into divulging their bank details by
sending official-looking e-mails from financial institutions. They ask
users to confirm their account information, including a user name and
password, with a warning that their account will become invalid if they
do not comply. Then they often sell this information through an
underground online black market.


McAfee Labs believes cybercriminals are more actively scamming consumers
with this tactic during the holidays since people are monitoring their
purchases closely.


Scam XII: Your Files for Ransom - Ransomware Scams

Hackers gain control of people's computers through several of these
holiday scams. They then act as virtual kidnappers to hijack computer
files and encrypt them, making them unreadable and inaccessible. The
scammer holds the user's files ransom by demanding payment in exchange
for getting them back.


McAfee <>  advises Internet users to follow these
five tips to protect their computers and personal information: 


1.        Never Click on Links in E-Mails: Go directly to a company or
charity's Web site by typing in the address or using a search engine.
Never click on a link in an e-mail.


2.        Use Updated Security Software: Protect your computer from
malware, spyware, viruses and other threats with updated security
suites.  McAfee(r) Total Protection software provides fully-featured
protection from current and emerging threats. It also comes built in
with McAfee SiteAdvisor(r) technology, a safe search toolbar to warn
consumers of a Web site's safety rating as well as phishing protection.
It uses intuitive red, yellow and green checkmarks to rate potentially
dangerous Web sites when searched on Google, Yahoo! or Bing.


3.        Shop and Bank on Secure Networks: Only check bank accounts or
shop online on secure networks at home or work, wired or wireless. Wi-Fi
networks should always be password-protected so hackers cannot gain
access to them and spy on online activity.


Also, remember to only shop on Web sites that begin with https://,
instead of http://, and seek out Web sites with security trustmarks,
like McAfee SECURE(tm).


4.        Use Different Passwords: Never use the same passwords for
several online accounts. Diversify passwords and use a complex
combination of letters, numbers and symbols.


5.        Use Common Sense: If you are ever in doubt that an offer or
product is not legitimate, do not click on it. Cybercriminals are behind
many of the seemingly "good" deals on the Web, so exercise caution when
searching and buying.


If you think you may be a victim of cybercrime, visit McAfee's
Cybercrime Response Unit to assess your risks and learn what to do next

© 2000 - 2019 Al Bawaba (

You may also like