2023年11月30日

这是季节:揭开2023年的顶级假日骗局

2023年最主要的假日骗局是什么?

还有火鸡, 足球和疯狂的亲戚, 感恩节也标志着一年中最繁忙的购物季节的开始. 即使在通货膨胀和生活成本增加的情况下, 感恩节, Black Friday 和 Cyber Monday tend to bring out the shoppers 和 this year is no different.

早期的报告显示在线消费增长了5%.在感恩节这一天，美国人花费了近5美元.60亿美元的网上购物，还有额外的9美元.80亿美元在黑色星期五.

不幸的是, but not surprisingly, the spike in consumer spending also creates a spike in scams. 虽然骗局很少改变, they often work because consumers innately let their guards down during the busy holiday season.

Here are some of the most common scams making the rounds this year 和 what you can do to protect yourself.

包裹派递通知书

One of the most common holiday scams consumers will encounter is fraudulent delivery notifications. 通常通过文本传递, 此类型的消息模拟传递bet9平台游戏提供者, 例如联邦快递, UPS或USPS, 并提出交货问题(如.e., bad address) with a malicious link conveniently included to remediate the problem – which is most likely a malware download. 你怎样才能不上当受骗呢?

如果你在等包裹, always check the original confirmation email for shipping information (timeframes, 跟踪号码, 等.).
如果你在等包裹, always check the original confirmation email for shipping information (timeframes, 跟踪号码, 等.).
If you receive a suspicious delivery message, do not click on any links or respond. 删除或报告. Treat any unsolicited delivery message you get via phone or email the same way.
If you think there is a legitimate shipping issue, contact the retailer directly. 一定要先确认你联系的是他们的真实电话号码或电子邮箱.

恶意冒名顶替网站

另一个常见的假日骗局是恶意的冒名顶替网站. These sites masquerade as legitimate online retailers but are built with the intent of stealing financial 和 personal information.

这些网站通常通过网络钓鱼邮件进行推广, 文本, social media or digital advertising – 和 usually advertise items at low prices or customized items such as “your animal as a cartoon” art print. Whether the malicious websites are spoofing large retailers like Amazon 和 Target, 或者小型精品企业, 有几个危险信号需要注意.

如果一笔交易好得令人难以置信, it usually is – even during the holiday sale season when marketing efforts are in full overdrive mode to promote unbelievable deals. 很有可能这个网站会以199美元的价格给你提供一台75英寸的OLED电视.99是恶意的.
这个网站的设计很差, grammar errors or simply doesn’t look right 和 is asking for a ton of personal information – there’s no reason any retailers should be asking for your social security number to buy a new Bluetooth speaker.
The URL is missing a padlock icon 和 doesn’t start with “http” – if a site doesn’t have either of these in the URL bar, 很可能它本质上是恶意的.
该网站要求您通过银行电汇或礼品卡支付. If the website doesn’t accept credit or debit cards, you should not be purchasing from it.
要像对待网站一样警惕社交媒体页面. Many scammers use social media to defraud shoppers with imposter 页面s or direct them to imposter websites.

如果你喜欢在网上购物, 只在值得信赖的零售商那里购物，并尽可能使用信用卡, 它们通常提供固有的欺诈保护. 如果你遇到任何潜在恶意网站的广告, 谨慎行事，避免点击.

度假租赁骗局

Travel-related scams traditionally increase during the holiday season 和 this year is no different. 有近 47%的消费者计划上路今年，骗子们将寻求利用流量.

随着airbnb和VBRO等租赁网站的兴起, 许多旅行者都在寻找划算的租房, 和 many threat actors are advertising fraudulent ones that simply don’t exist. 一旦一方感兴趣, they try to persuade them to communicate 和 place a deposit through unsecured or untraceable methods 和 disappear. 这里有一些最好的做法来避免落入这个流行的骗局.

通过VRBO和Air BNB等知名旅游网站预订房源, 当然，Craigslist等网站上也有一些合法的帖子, 最好完全避免使用它们.
Never send money via wire or payment services like CashApp or Western Union for rentals. Any legitimate renter or agency will take payment via credit card on a secure app or website.
如果你直接付钱给某人，他会给你一个更好的价格.e., send me the deposit via payment app as friends 和 we can avoid the website fees), 报告他们，然后继续前进.

慈善诈骗

节日也是给予的季节. 不幸的是, the season of giving means the season of stealing for scammers who use fake charities to solicit donations, 达到了1美元.仅2021年就将达到60亿美元. Below are some of the best practices to ensure you are donating securely 和 safely to legitimate organizations.

避免不请自来的捐赠请求——包括电话, 电子邮件和短信, 它们很可能是欺诈性的.
If you’re not sure about a charity, ask for their Tax Identification Number or use the IRS’s 在线免税组织搜索核实慈善组织.
坚持参加著名的慈善机构，比如联合劝募会, 救世军或红十字会, 或者去你以前工作过的地方组织.
使用受信任的网站 “慈善导航和 Guidestar.org 核实慈善机构，了解他们如何分配捐款.

Tying it All Together: Identifying 和 Avoiding Scams During the Holiday Season

虽然外面还有很多其他的骗局，但它们的外表各不相同, 他们经常有共同的危险信号, 其中包括:

要约或请求是来自未知发件人的主动请求.
点击或发送资金有一种紧迫感.
我们要求您用礼品卡、电汇或现金转账付款.
你被要求提供敏感信息，比如你的社会安全号码.
这个提议简直好得令人难以置信.

无论使用什么骗局, 你可以使用简单的保护自己在网上, 然而有效的网上购物行为, 包括:

尽可能使用信用卡.
不回答、点击或回应可疑通信.
警惕社交媒体广告和页面.
在购买之前，请确认您在实际零售商的网站上.
如果你对交易不确定，只需拨打经过验证的公司电话号码.

Remember, these scams are around all year, but go into overdrive during the holidays. 我们希望这篇文章能帮助你和你的家人安全地享受假期.

关于施耐德唐斯网络安全

The Schneider Downs cybersecurity practice consists of experts offering a comprehensive set of information technology security services, 包括渗透测试, 入侵防御/检测审查, ransomware安全, vulnerability assessments 和 a robust digital forensics 和 incident response team. 此外，我们的数字取证和事件响应 teams are available 24x7x365 at 1-800-993-8937 if you suspect or are experiencing a network incident of any kind.

要了解更多信息，请访问我们专门的网络安全页面.

想要了解情况? 订阅我们的双周通讯， 关注网络安全.

你们已经听到了我们的想法，我们也想听听你们的想法

The Schneider Downs 我们对 blog exists to create a dialogue on issues that are important to organizations 和 individuals. 虽然我们喜欢分享我们的想法和见解, 我们对你要说的特别感兴趣. If you have a question or a comment about this article – or any article from the 我们对 blog – we hope you’ll share it with us. After all, a dialogue is an exchange of ideas, 和 we’d like to hear from you. 电邮至 (电子邮件保护).

所讨论的材料仅供参考, 而且这不能被理解为投资, 税, 或法律建议. 请注意，个别情况可能有所不同. 因此, this information should be relied upon when coordinated with individual professional advice.

我们对

网络安全, IT风险咨询, 风险咨询/内部审计 BY 内森Shepler 4.19.2024

8审查用户访问时的关键考虑事项

网络安全, IT风险咨询 BY 玛德琳Adamczyk 4.3.2024

阿勒格尼县结婚证数据泄露可能影响最近的新婚夫妇

网络安全, 卫生保健 BY 丹尼尔Hooven 3.11.2024

$1 Billion a Day: Unpacking the 金融 Aftershock of the Change 医疗保健 Cyber-Attack

下载前先了解情况:探索Temu应用程序的安全风险