What Scammers Want in Their Holiday Haul

Naughty or nice? There’s no question on which list scammers land. During the holidays, cybercriminals are more cunning than the Grinch on his best day. Sometimes all it takes is your name, date of birth and address for cybercriminals to steal your identity, access your bank accounts or even take out loans and mobile phones in your name.

The truth is that the gifts scammers would like to receive this year would make Scrooge smile. Here are some clues about what they’re asking for:

“It’s beginning to look a lot like your banking PIN numbers”

The common cybercriminal wants your PIN number or access to your finances more than anything else. Fortunately for the scammer, many people have wrapping and ribbons around their presents tighter than the security around their own personal identification numbers, or PINs. Birth dates, anniversaries and simple “1234” combinations are often used to secure things like debit cards, credit cards and other banking accounts. If a scammer or thief gets hold of your credit card numbers or bank information, they’ll likely search through personal information posted publicly on social media and other sites to find the right combination of numbers to crack your PIN codes.

“I’ll have a blue Christmas … without your Social Security number”

Identity theft is a practice as familiar to cybercriminals as toy-making is to elves at the North Pole. One of the most common forms of identity theft occurs when your Social Security number is stolen by a scammer. Cybercriminals can use your Social Security to take out a loan in your name, use your insurance for medical treatment, pay for their utilities, identify themselves, sell your information and carry out a multitude of other scams.

“I saw mommy buying prepaid debit cards”

Scammers are always on the lookout for valid yet untraceable sources of money, especially during the holidays. There’s almost nothing they’d love to see more than a stack of prepaid debit cards piled up under the tree. One way scammers will lure you in is by pretending to be a relative or close friend claiming to be in trouble and asking you to wire them money for fake medical or travel expenses. Cybercriminals will often request some form of payment from you, often in the form of prepaid debit cards, gift cards, money orders, cryptocurrencies or other anonymous funds.

“Rocking around the firewall”

Many cybercriminals not only want your personal information but your employer’s information, too. How’s that for a stocking stuffer? They’ll use your passcodes, employee ID numbers and login information to gain access to servers, networks, computer hardware and other secured information. Firewalls and other cybersecurity tactics are in place to monitor and mitigate these kinds of targeted scam attacks, but protections are made even stronger when employees stay alert to avoid the tricks deployed by cybercriminals.

“Do they know it’s a scam at all?”

The most conniving scammers use fake emails, text messages and copycat websites to steal your identity. This is often called phishing, spear phishing or spoofing, and it’s one of the most common methods by which cybercriminals steal personal data. Using a number blocker or sneaky short link, the scammer may say that they need to verify your customer record due to an error. They may offer you a prize for filling out a customer survey. Or they may ask you to log in to a duplicate of a frequently visited app or website.

Want to make a cybercriminal’s plans melt faster than Frosty the Snowman in July? The next time you see something online that strikes you as suspicious, just stop and say, “Ho-ho-hold up!” By staying alert and aware online, we can do our part to keep scammers where they belong – on the naughty list.

To stay informed about the various scams and common cybercrimes, visit our Cybersecurity Awareness Portal page for a growing library of themed Cyber Moments and other resources.