Seasonal Safety: How to Avoid Cyber Scams This Festive Season

Amy Anderson headshot

By Amy Anderson, Founding Principal

The holiday shopping season is upon us, and while you’re making your list and checking it twice, cybercriminals are crafting their own strategies to separate you from your hard-earned money. Today, we’re providing some guidance on staying safe during the festive period—and all year round.

Key Insights
  • The promise of grabbing a bargain can overrule our more logical instincts to slow down and think twice
  • Social engineering tactics take advantage of the unsuspecting—especially when we’re feeling charitable
  • Urgent financial requests always need verification (even if they appear to be from friends and family)
  • Simple steps like updating passwords and enabling MFA can keep you safe from scams
  • Any suspicious activity should be reported immediately

All Cyber Scammers Want for Christmas Is Your Data

Before you’ve even finished your Thanksgiving leftovers, online retail activity begins to surge in the U.S.—and with it, the prevalence of cybercrime. Last year’s Cyber Monday alone generated over $12 billion in online sales, creating an unprecedented opportunity for cybercriminals to exploit rushed and distracted shoppers.

Cybercriminals target more than just immediate financial gain during the holiday season. Their primary objective often involves collecting valuable personal data, including:

  • Credit card information
  • Social Security numbers
  • Online banking credentials
  • Email and password combinations
  • Home addresses
  • Phone numbers

Any of these details can potentially lead to identity theft, unauthorized account access, and financial fraud that can take months or years to resolve.

High-Risk Shopping Periods

Several key dates see dramatically increased cybercriminal activity, namely Black Friday, Cyber Monday, and the entire month of December.

Cyber Monday sees buyer activity increase by more than 500% compared to an average day. It’s far and away the day that yields the highest e-commerce sales revenue in this country—and it’s also a breeding ground for less-than-logical decision making.

Whilst Black Friday shoppers are notorious for their often extreme, sometimes dangerous in-store antics, let’s not understate the influence of the limited-time-only deal that overcomes many a credit-card-wielding individual when Monday rolls around.

Of the 10% of shoppers who walk away from their screens dissatisfied with their Cyber Monday hauls, 35% cite products selling out too quickly as a driving factor. When you’re so incensed to act now, think later; even the most common-sense steps can slip your mind—including cybersecurity.

Common Cyber Threats During Peak Shopping Periods

These scams aren’t unique to the holiday season, but they do ramp up in frequency as we approach the end of the year.

Fraudulent Retail Promotions

Unsolicited phishing emails advertising extreme discounts—especially from senders you never normally shop with—often lead to fraudulent websites. They’re designed to collect payment information without fulfilling orders.

Shipping Notification Fraud 

Cybercriminals distribute fake delivery notifications containing malicious links or requesting sensitive information to “verify” deliveries. Most people are expecting a delivery during this period, so these messages don’t ring the same alarm bells they otherwise might.

Falsified Charity Appeals

Criminals exploit seasonal generosity by creating sophisticated imitations of legitimate charity websites or distributing urgent appeals for donations.

Social Media Marketing Scams 

Fraudulent social media campaigns promising gift card giveaways or exclusive deals serve as data collection schemes run rampant over the holidays—so think again before tagging five friends.

Grandma Got Runover by a Reindeer—or Did She?

A particularly concerning trend you might encounter involves cybercriminals impersonating family members or close contacts to exploit emotional responses from you, the concerned recipient.

These sophisticated social engineering attacks tend to exploit or target the more vulnerable members of society—the elderly, the young, and the generally unaware when it comes to online safety. Banking on seasonal generosity, cybercriminals use this approach to send urgent requests for financial assistance, typically through wire transfers or gift card purchases.

So, how do you know if it’s really grandma in need of assistance?

  • Contact the supposed sender through verified phone numbers—don’t call back the number that rang you.
  • Verify the situation with other family members
  • Request specific details only known to legitimate parties
  • Never proceed with urgent financial requests without thorough verification.

Steps for Now: Essential Security Preparations for a Safe Festive Season

Implement each of the following steps sooner rather than later—ideally, as soon as you’ve finished reading this article.

1. Update Your Passwords

 Are you using the same password for more than one of your online accounts? While it may save you time, it’s also making you extremely vulnerable.

Let’s say you get caught up in the excitement and make a purchase from a questionable website using the same login credentials you’ve used for multiple other purchases that day. You’ve just given hackers access to all those accounts and all the personal information that they hold.

To avoid this potentially disastrous scenario:

  • Implement unique passwords for each retail platform (a password manager like Keeper is a great tool to help stay organized and safe)
  • Utilize a secure password management system
  • Ensure your password complexity meets current security standards (these days, many devices will automatically suggest passwords that fulfill these requirements and store them securely for you)
2. Enable MFA

 Turn on Multi-factor Authentication (MFA) on all accounts that offer this security feature. The minimal time investment provides substantial additional protection.

3. Consider Using a Cloud VPN

A Virtual Private Network provides encrypted connection security, particularly crucial when conducting financial transactions on public networks like local coffee shops or at the airport.

4. Practice Spotting the Signs

Test your scam-spotting abilities using free resources like this phishing quiz or our more business-focused alternative.

Steps for the Big Day: Best Practices for Secure Online Shopping

Even if you’re prepared, it’s important to stay vigilant and mindful. During active shopping periods:

  1. Keep a list of cyber-scam warning signs in sight
  2. Access retail sites directly (rather than through email links or social media accounts)
  3. Only conduct transactions on verified platforms
  4. Prioritize credit card use over debit cards for enhanced fraud protection (here’s why)
  5. Avoid unsecured public networks
  6. Report suspicious activities immediately (see how below)

Most importantly, remember to take a minute before you engage. Walk away from your device if you need to. Yes, you might miss out on a bargain, but that loss is nothing compared to the potential cost of falling for a scam.

Reporting Suspected Scams

If you know or suspect that you or someone you know has encountered a scam, don’t keep it to yourself. The more people are aware of a potential danger, the less damage it’s going to cause.

You can report suspected fraudulent activity to:

Prompt reporting enables law enforcement to identify patterns and prevent further fraudulent activity—it’s just one of the ways you can give back to your community this festive season.

Stay Safe from Seasonal Cyber Scams

Don’t let cybercriminals steal your holiday cheer. With these precautions in place, you can focus on what really matters—celebrating with your loved ones and finding those perfect gifts safely and securely.

Stay merry, stay bright, and most importantly, stay cyber safe this holiday season!