Wishing, Phishing and SMiShing: Avoiding Online Holiday Scams

by Gary on December 7, 2012

This year, online retailers are expected to take in almost $100 billion in holiday gift-buying revenues, up 17% from 2011.  Access to online buying opportunities has mushroomed to include not only “traditional” websites, but social media portals like Facebook, and smartphone and tablet apps that pare down the essentials to a few easy taps on the screen. Unfortunately, not everyone engenders “good will toward men” at this time of year.  With awareness and some simple common-sense precautions, you can avoid being taken for a cyber-ride.


Yes, scammers are still employing email to bilk you out of your hard-earned dollars. Phishing emails (designed to emulate legitimate businesses in order to trick you into revealing personal information) are expected to overflow email boxes this year. In the aftermath of Superstorm Sandy, security experts also expect to see an uptick in charity scams that employ phishing techniques. Emails that appear to be from well known organizations like the Red Cross, as well as unfamiliar groups, will pull at your heartstrings and your wallet. While it is true that some legit charities solicit by email, you’ll be much safer contacting the group directly instead of using the links you find in unsolicited emails.


Now, there’s a new take on this email scam. Dubbed SMiShing, it’s phishing by text.  Many of these appear to come from banks and mimic the alerts we often receive from our accounts by phone. Their short messages and official looking code add to the ruse.  Best practice is to contact your bank directly — not via return text — to determine if action is necessary.

Social Network Pitfalls

It pays to maintain a healthy dose of skepticism on social networks, too. Scammers have been entreating their “friends” to install once-in-a-lifetime “holiday deal” apps that mine computers for personal information. Be wary of following any links, no matter how legitimate they look.

Secure Shopping

Searches for products can bring up thousands of hits.  Stick to well-known and proven online stores. Crafty scammers set up extremely attractive (but fake) e-commerce sites to lure us into providing payment information in exchange for purchases that never arrive. Make sure the site you’re shopping has a secure website. Look for the “https” in the address. The “s” indicates that it is secure and encrypts your personal information.

If you don’t know the outlet but still want to do business, consider some independent cyber-sleuthing to check out the store’s reputation. Here’s a tip:  Type the store’s phone number into your favorite search engine and see what others have to say about it. If your workplace is amenable, have your packages shipped to your office.  That way, there’s always somebody to receive the delivery and sign for it. Folks troll neighborhoods this time of year looking for delivery trucks and boxes left in bushes and garages and behind screen doors.

Credit Card vs Debit Cards

Consider using credit cards instead of debit cards. If your credit card information gets into the hands of an unsavory character, credit cards generally offer more protection. You are typically responsible for only $50 worth of unauthorized purchases, whereas unauthorized use of your debit card could clean out your checking account. Check with your issuing bank to learn more about your liability limits.


Ultra-lost cost travel deals are a favorite come-on for scammers. Who doesn’t want the best deal to get home to family or onto that sunny Caribbean island? Taking heed of precautions like working with well-known websites, and avoiding those pop-up ads for $99 vacations will serve you well. Savvy travelers are not immune. The FBI recently issued a warning about attempts to gain personal information from users of major hotel wi-fi systems. Apparently, guests were prompted to download a fake software update during the log-on process that gathered personal information and even made information on company laptops vulnerable.  .

Finally, and probably the most basic information of all: keep in mind that “unbelievable low prices” and “amazing deals” are usually just that – unbelievable. I have yet to see a legitimate no-strings-attached offer on a $49 iPad.

Leave a Comment

{ 1 trackback }

Previous post:

Next post: