Delivery scams to look out for
If you’re getting gifts for friends, family, and you’re someone’s Secret Santa at work, chances are you’ll be receiving packages almost every day. It’s easy to lose track if you’re expecting a bunch of them to arrive. Even delivery services are struggling with the workload during the pandemic. In the chaos of the holiday season, it’s easy to lose track of your mail.
That’s why it’s no surprise that, in 2020, a bunch of Royal Mail customers recently gave away their credit card details to scammers. They received fake emails claiming that there were undelivered packages waiting for them. To redeliver it, all they had to do was pay £1.99. A lot of people did, losing their credit card details to scammers in the process.
A similar phishing attack has been around for years, but a lot of people still fall for it. Scammers send out text messages saying that there’s a DPD delivery waiting for you. It might offer to track your package or ask you to confirm delivery details. Whatever the text says, it also includes a link. Most people tap on it without a second thought and are immediately taken to either a malicious website that infects their device with malware or a fake website where they have to enter their account credentials or fill in their credit card details.
The dangers of online shopping
Delivery scams aside, shopping online can be dangerous by itself – if you don’t know how to browse the internet safely. From fake confirmation emails to scammy deals and hacked online shops – there are a lot of things that can go wrong.
If you use unsecured Wi-Fi, someone could intercept your connection and perform a man-in-the-middle attack. They then would be able to watch your every move and collect information about you – like your credit card details, passwords, address, and phone number. They could also manipulate your traffic so you wouldn’t notice anything for a while, giving the cybercriminal enough time to come up with more tricks or steal more of your money. Fortunately, a VPN is the perfect defense against man-in-the-middle attacks. Once all your online traffic is redirected through an encrypted tunnel, anyone trying to spy on your data will only see gibberish.
Another thing to look out for is bait and switch scams. It’s easy to fall for too-good-to-be-true prices, especially during Christmas time, when we spend so much money on gifts. With bait and switch scams, the best-case scenario is that you’ll end up with a cheap knock-off of whatever you were buying. However, if you took the bait and clicked on that flashy banner, you might also end up with malware on your device. It might just bombard you with annoying ads, but it can also spy on you, secretly gather your data, and send it to a remote user.
Offline scams that will ruin your Christmas
You have to be aware not only of online but also offline scams. Packages you receive often contain your name, address, email, and telephone number. If scammers find a discarded package with sensitive information in a dumpster, they can use it for a targeted online attack.
During the holiday season, delivery companies hire extra staff to handle the increased workload. Cybersecurity experts warn people to stay cautious, as some job offers can be fake. Perpetrators might impersonate recognized businesses and trick you into revealing your personal details.
Every Christmas, all kinds of pyramid schemes begin to circulate on the internet. One such scheme is the Secret Sister. The scammers behind it claim you need to send one gift to a stranger to receive six gifts back. Usually, they target women interested in a pre-holiday gift exchange. However, after you have sent your gift, most likely you won’t get anything in return.
How to shop online safely
It might sound like a minefield out there, but if you take the necessary precautions and develop some good habits, staying safe online is easy. Even in the middle of Christmas shopping chaos during a pandemic. Here are some useful tips:
- Check the site before buying. Do it every time – even if you’ve used it before. See if it uses HTTPS to encrypt the data it sends and receives. Check if the URL is correct, the design looks right, and there are no typos and other grammatical errors. If anything looks off, it might be a sign that you’ve ended up on a spoofed website. If you have any suspicions, it’s best to leave and shop for gifts elsewhere.
- Read reviews. If you’ve never shopped at that website before and it’s offering a great deal on an item you need – stay cautious. Search for the domain and see what other users have to say about it. You might be surprised how often a legitimate-looking website might try to sell you a knock-off or simply take your money and disappear.
- Don’t click on suspicious links. Especially if it’s a shortened URL. Instead, open your browser and go to the website directly. If it’s a courier, they will send you a tracking number in a text or an email and you’ll be able to enter it manually. If you only get a bit.ly link – be very suspicious. Similarly, try not to click on banners or links in promotional emails. Go directly to the website – the same deals should be there.
- Monitor your bank statements. If you just bought a ton of gifts online, it might be difficult to keep track of all of them. But it’s necessary – when you know exactly how much you’ve spent and where, you’ll be able to notice if something is not right.
- Don’t create unnecessary online accounts. If it’s possible to avoid, don’t sign up for every online shop you use. A lot of them have a “Buy as a guest” option – use it whenever you can. If a website is breached, your credentials might end up for sale online. And when you have a lot of online accounts, it makes you more vulnerable – especially if you tend to reuse passwords. Which brings us to our next tip…
- Be smart about your passwords. Don’t reuse and share them. Don’t store them in plaintext or on your browser. Don’t use simple words and numbers as your password. Use a reliable NordPass password manager and generator instead.
- Use NordVPN. This holiday season, it will be your best friend. Here’s why:
- It will protect your internet traffic from third parties. No one will be able to see what you do online or intercept your connection
- The Threat protection feature will block malicious ads and warn you when you’re about to enter a website known to contain malware.
- It will prevent cookies from ruining your surprise. You won’t see any ads for the stuff you bought online, so your Christmas gifts stay secret.
- If something does go wrong, the Dark Web Monitor will let you know. It will notify you if your credentials are leaked online so you can act quickly.