1 min read
The Top 5 Wire Fraud Prevention Tips
1) Wire fraud fraudsters use spoofed email so learn to spot it. Although there are a number of ways to spoof email, it can be as simple as this. The...
We've crafted solutions tailored to your firm
The world of insurance for law firms can be confusing, and difficult to navigate. We've created this glossary because these common insurance terms should be easy to understand.
6 min read
LMG Security : Dec 6, 2022 2:04:33 PM
Ready or not, the holiday shopping season has started. Criminals are rolling out new holiday scams (as well as some old favorites) to steal your hard-earned money. Holiday scams are widespread and very effective. In fact, one survey found that 75% of respondents were targeted or experienced holiday-related fraud.
According to the FBI’s Internet Crime Complaint Center's (ICS3) 2021 report, the top two holiday scam types resulted in $337 million in losses. When you consider that in 2021 the USPS alone accepted 13.2 billion letters, cards, flats, and packages for delivery between Thanksgiving and New Year’s Eve, the holiday shopping season is packed with purloining potential.
Read the tips below and share these with your friends, family, and colleagues to keep everyone safe from holiday scams in 2022!
This scam tops the list again in 2022. Online holiday shopping in the US is projected to increase by roughly 6% in 2022, rising to $224 billion dollars, and that means an increase in package deliveries. Unfortunately, cybercriminals target online shoppers by spamming unsuspecting consumers with fake package delivery emails, redirection requests, fake tracking links, and more.
How does this work? Cybercriminals text or email you about your upcoming package delivery. They may ask you to verify your address, update your preferences, or even click a “tracking link” that sends you to a phishing site. Other scammers will email you that they have discovered a package meant for you or even leave a missed package slip on your door. They will tell you that you need to contact them to confirm your details for delivery or schedule re-delivery.
There are also some frighteningly realistic delivery service phishing emails branded as USPS, UPS, DHL, or others, complete with logos, buttons, and convincing scenarios. The stories vary: for example, criminals may claim that the delivery service could not deliver the package and the customer needs to click the link to update the address or pay a small re-delivery fee. All of these scams end with a criminal installing malware onto your computer or stealing your personal and/or financial information.
Cybercriminals are all too happy to take your money in exchange for nothing if you make a purchase on a scam website! So, there’s an amazing deal on a fancy new coffeepot… but how do you really know the seller is legitimate? Cybercriminals set up fake e-commerce sites and seller profiles—especially during the holiday season. They even run ads on Google, Facebook, and other social media sites. Their goal is to take your money and run—without the hassle of ever shipping a product. According to the Better Business Bureau, fake online purchase scams account for more than a third of the scam reports they receive.
Hackers also clone the e-commerce sites of popular brands to lure unsuspecting shoppers into entering their payment information or sensitive data. According to Check Point, the two most commonly spoofed sites are Microsoft and Amazon. These fake emails and websites can look very convincing and offer you special deals, subscriptions, and more. When you enter your personal or payment information, you fall victim to the scammer, and your data and/or money is stolen.
Social media sites are a hotbed of scams. Criminals are setting up fake charity donation sites, GoFundMe causes, investments, or work opportunities, and even breaking into social media profiles to share the scam with YOUR friends and family. In 2021, more than 95,000 people reported $770 million in fraud losses involving social media sites. It should be noted that only a small portion of social media scams are reported and it’s likely this is only a fraction of the actual fraud. In these scams, criminals will ask you to donate money or sign-up online for a small $10 gift exchange. You can then end up sending money or gifts to the criminals, in addition to giving them your personal information. Beware of any requests from friends for money or gifts, or even an offer of links to reset your password through social media messages.
Gift card requests are a popular scam that can target you at home, as well as in the office. Criminals will email or call, asking you to pay a bill/fee, claim a prize by purchasing a gift card, or even buy and send it to pay a fine for a relative. You should never pay any personal bill or fee or send payments using gift cards—this is almost always a scam. At work, you should be wary of the traditional office gift card scam. In these scams, a criminal impersonates your CEO or another executive and sends emails or text messages to a staff member asking them to purchase gift cards. The cards are supposedly a “reward” for employees or a holiday surprise for the office—meaning that often, the victim is asked to keep the purchase secret. The victim sends the card details to the scammer who steals them for a big holiday bonus.
Everyone wants a deal. Scammers know this and often list hot items at steep discounts or pretend to be interested buyers. They may try to hack into your account by asking you to “verify your identity.” Here’s how the scam works. They will explain that they’ll send you a code and ask you to email or text it to them to verify your identity. Do not send the code. They will use the authentication code to reset your account or access your phone’s SIM card to steal access and information.
Another popular tactic is the overpayment scam. When you’re selling an item, the buyer accidentally writes you a check or presents a money order for more than the purchase price and asks you to give them a check or cash for the mistaken overage. Don’t fall for it. The payment is usually a forgery. You’ve refunded them legitimate money, but the check or money order will be flagged as fraudulent by the bank.
We hope you find these tips helpful, and we wish you a happy, healthy, and safe holiday season!
This blog is distributed with the permission of LMG Security.
At LMG, our singular focus is on providing outstanding cybersecurity consulting, technical testing, training, and incident response services. Our team of recognized cybersecurity experts have been covered on the Today Show and NBC News, as well as quoted in the New York Times, Wall Street Journal, and many other publications. In addition to online cybersecurity training, LMG Security provides world-class cybersecurity services to a diverse client base located around the United States and internationally.
1 min read
1) Wire fraud fraudsters use spoofed email so learn to spot it. Although there are a number of ways to spoof email, it can be as simple as this. The...
5 min read
This blog post is in partnership with LMG Security. With professional hackers and cybersecurity criminals posing a constant threat to law firms...
3 min read
The short answer is yes, everyone does; but the reason lawyers need to be concerned requires a longer explanation. What is a deepfake? The word...