by Dave Moore, CISSP
11/21/2021
Remember the old saying, “if it sounds too good to be true, it probably is?” Well, buyer beware, because it seems a whole lot of “too good to be true” may be coming our way.
The Internet bad guys ramp up their scam operations every holiday season, and this year will be no exception. Expect an onslaught of “phishing” emails and “smishing” (who thinks up these words?) text messages. If you see or hear these goofy terms, just substitute the word “fake.” Fake emails and fake texts are the top ways online crooks trick us into getting in trouble.
What’s different about fake emails and texts this holiday season? A lot of the bad grammar that used to send up red flag warnings tipping off astute users to a potential scam is gone. Don’t get me wrong; there’s still plenty of bad grammar in scam emails, but the bad guys have learned if they hire people fluent in English to write the scam messages, they are more successful.
The bad guys are using better artwork in their scam messages, too. Most people are shocked to learn how easy it is to copy things on the Internet, like company logos, pictures, and even entire website pages. Including these items in the scam message can make them more realistic looking and convincing to gullible clickers. Seeing the official Amazon or Walmart logo, or the logo of the company you work for, combined with a picture featuring a cheery “help desk” person with a headset on is often enough to push potential scam victims over the cliff.
Many scam messages can appear legitimate because they use your actual name, address or phone number. Don’t be fooled by these tricks. Getting someone’s name, address and phone number from the Internet is as easy as falling off a greased log backwards. Scammers maintain databases of millions of names, addresses, phone numbers and more. Just because a message contains legitimate information about you does not mean the message, itself, is legitimate.
Billions of packages are delivered all around the globe during the holidays, and scammers take advantage of the anticipation people feel at the idea of receiving a gift package. Fake “delivery notices” will be sent, asking people to click something to “confirm” their delivery. Emails and texts allegedly sent by the USPS, FedEx, UPS and Amazon will flood inboxes, begging potential victims to click on links that will bring them nothing but grief.
Phony shopping websites will pop up by the thousands, hawking incredible-sounding deals on high-demand items like game consoles, TV’s, laptop computers and the like. $100 for a Sony PlayStation? You bet! A high-end Dell laptop for $75? Who could resist such great deals? The abundance of online scamming is making a pretty good case for shopping in actual, physical stores you can walk into, see the merchandise and buy something. I have yet to buy something in a local store, take the item home, open the shopping bag and find it empty because the store scammed me.
Dave Moore, CISSP, has been fixing computers in Oklahoma since 1984. Founder of the non-profit Internet Safety Group Ltd., he also teaches Internet safety community training workshops. He can be reached at 405-919-9901 or www.internetsafetygroup.org