Phishing schemes to beware of this holiday season

Along with the holiday season comes the imminent arrival of new cyber security scams. These annual scams are socially engineered to manipulate a generous spirit, festive cheer and the high-anxiety of holiday shopping into lucrative privacy leaks and data breaches.

The Better Business Bureau (BBB) reports that spoofed websites, fake shipping notifications, festive e-cards, travel scams and targeted cyber attacks against seniors are among the 12 most common privacy-compromising schemes of December 2018. Users must take additional precautions and pay special attention to emails that offer free gift cards, attachments from unfamiliar or unexpected recipients, sudden requests for money from family members and deals that seem too good to be true.

BBB warns that seniors remain vulnerable to cyber security attacks, and the ‘grandma scam’ is particularly common during the holiday season. If a senior receives a desperate request for money by someone claiming to be a relative, he or she should contact family members directly to verify the claims. 

Other precautionary advice includes:

  • Shoppers double-check who they are purchasing from, as many holiday phishing attackers are expert at imitating authentic brands.  
  • Before opening any email links, ensure that the ‘from’ address and link URLs are secure and consistent with the official domain of the stated company. Email users should hover their mouse over the displayed hyperlink or webpage link to verify the destination URL. 
  • Remain wary of email attachments or links from alleged shipping companies or unverified e-card companies. Legitimate businesses would never request that you enter your personal information to view content. Treat all links and attachments as suspicious email content until proven otherwise.

For more resources on how to keep your information secure this holiday season, visit securitymatters.utoronto.ca.