As the holiday season approaches, millions will turn to online shopping for gifts and deals. Unfortunately, this is also prime time for scammers looking to profit from unsuspecting shoppers. According to the Internet Crime Complaint Center (IC3), over the past five years, 3.79 million scam reports resulted in a staggering $37.4 billion in losses.
Here are the key threats to watch out for this season, and how you can protect yourself.
1. Brand Impersonation Scams
Scammers frequently mimic well-known brands to trick shoppers. These fake ads and websites often offer “too-good-to-be-true” deals.
- Fake Ads on Social Media
Example: Ads on platforms like Facebook have falsely promoted discounted PlayStation 5 consoles. Clicking the ad redirects you to a site selling unrelated or counterfeit accessories—not the real deal. - Phony Websites
Fake websites imitating trusted retailers like Amazon or Walmart use official-looking logos and layouts to sell counterfeit products or collect payment without delivering anything. Always double-check the URL before making a purchase. - Fake Delivery Notifications
Scammers exploit the confusion of holiday deliveries by sending fake emails pretending to be from USPS or other courier services. These emails often ask for small “processing fees” to release your package, but entering your payment details exposes you to theft.
2. Credit Card Skimming
Smaller online retailers are common targets for credit card skimming malware. These attacks inject malicious code into websites, stealing your payment details as you check out.
- Signs of Risk
Outdated websites with old content (e.g., “Copyright 2022”) might indicate a poorly maintained site vulnerable to attacks. - How to Protect Yourself
Use tools like Malwarebytes Browser Guard, which blocks skimmer code from loading, and avoid making purchases from questionable sites.
3. Malvertising
Malicious advertising, or malvertising, is another method scammers use to spread malware. These fake ads, often disguised as deals or sponsored search results, can infect your device without your knowledge.
- A Growing Problem
Last year, malvertising incidents increased by 42% during the holiday shopping season. Scammers create fake ad accounts, use them briefly, and then move on to new ones, making it hard to track them. - Who They Target
No brand is safe—scammers spoof ads from Google, Amazon, Walmart, and even cybersecurity companies.
How to Protect Yourself
Follow these tips to stay safe while shopping online:
- Question Unbelievable Deals
If a deal seems too good to be true, it probably is. Stick to trusted retailers and research prices before purchasing. - Avoid Being Rushed
Scammers rely on urgency to push quick decisions. Take your time before clicking on links or entering payment details. - Use Security Tools
Install ad blockers and malicious content blockers like Malwarebytes Browser Guard to prevent malvertising and credit card skimming. - Monitor Your Financial Accounts
Regularly check bank and credit card statements for suspicious activity. Report anything unusual to your financial institution immediately. - Strengthen Your Online Accounts
Use unique passwords for every account and enable multi-factor authentication (MFA) whenever possible. A password manager can simplify this process. - Safeguard Your Devices
Invest in security software with web and phishing protection, such as Malwarebytes Premium, to block harmful websites. - Limit Your Digital Footprint
Scammers often use publicly available information. Regularly clean up personal data online and consider services like Personal Data Remover to reduce your exposure.
Cookie Consent with Real Cookie Banner