The top ten scams to watch out for this Christmas

On the fifth day of Christmas, my true love gave to me, an app which stole my identity.
1 of 11 Charlie Osborne/ZDNet

The top scams in the 2013 holiday season

Online threats are part-and-parcel of life on the Web -- but the end of the year proves to be a lucrative time to give cybercriminals the gift of your bank details or personal data.

As the holiday season comes in to full swing, more consumers use online banking and retail sites to complete their Christmas shopping. However, consumers are often duped by a number of tactics employed by criminals to profit from a lack of security awareness.

From fake charity campaigns to emailed shipping notifications, the ways that criminals attempt to steal your data are varied, creative and widespread. It's not easy to remain vigilant all of the time, but for some tips and advice on what to look out for, check out this gallery of the top ten scams this holiday season. 

2 of 11 Charlie Osborne/ZDNet

1. Mobile apps lacking Christmas cheer:

Due to the explosion in popularity for mobile devices, cybercriminals are now the creators of legitimate-looking apps that feature holiday shopping deals, celebrity endorsements and time-sensitive offers. However, these often-free applications, once downloaded to your smartphone or tablet, may steal or modify your data. Malicious apps may intercept your communication, steal your banking data, and may forward you to premium services. In addition, an app may bypass authentication systems by asking for a code to be sent to your mobile device.

How to stay safe: Review applications before downloading. In particular, check out its star rating, and what others have said about the software.

See also:

3 of 11 Charlie Osborne/ZDNet

3. The hottest gifts this season in scams:

As belts tighten, many of us look for holiday gift and travel deals online. However, malicious links to fake websites, phishing scams and phoney contests on social media can all be gateways for cybercriminals to gain access to your personal data or download malware on to your devices.

Not only this, but you run the risk of being hoodwinked into purchasing cheap products that you believe to be designer, only to find that amazing "deals" are for counterfeit products. 

How to stay safe: Purchasing from official retailers lessens the risk of being duped, and try to verify low prices that look too good to be true.

See also:

4 of 11 Charlie Osborne/ZDNet

4. Seasonal Travel Scams:

Emailed and social media travel deal links and notifications -- whether through shared content, competitions or paid-for advertising can all be used to trick users into submitting their personal data. In addition, if PCs become infected with spyware or malware when visiting a malicious site, scammers can install keyloggers or convince you to complete a fake purchase.

This isn't just it; while we all would love to brag we visited the Alps for $200, criminals that seize your money for a fake travel package is a common way that consumers can lose out. 

How to stay safe: If something looks too good to be true, it probably is -- and you can save yourself heartache by following a few simple rules. If a website offer looks too good, then conduct a quick review on Google, such as "thiswebsite.com reviews" to find out if the service is legitimate, and don't forget to regularly perform anti-virus sweeps. This, in turn, can also help you find out if the firm -- while real -- is a poor choice to spend your hard-earned cash with.

If you accidentally click on phishing emails or conduct dubious online purchases, two-step verification purposes may help you if you accidentally give away your details -- rather than find your account cleaned out later. 

5 of 11 Blue Mountain

5. E-Seasons Greetings? Not quite:

Merry Christmas, here's your malware. Postcards and snail mail seasons greetings are giving way to e-cards as a way to wish your friends and family a Merry Christmas -- and so naturally, malicious apps and software are in on the consumer trend. Legitimate looking e-cards may cause unsuspecting users to download viruses after clicking a link or attachment in an email.

How to stay safe: Check gift cards that you receive for suspicious misspellings in your name, the company's, or in the subject title. If you're concerned, it's best to simply click the delete button.

6 of 11 Angry Birds

6. Malicious online games -- Be careful of the kids:

A common problem, many malicious apps pretend to be popular games on smartphones and tablets. From Angry Birds to Grand Theft Auto, malicious apps can be found within the Android and iOS ecosystem -- so if you hand over your device to amuse children, be aware of the games' sources. Malware, in-app purchases and social media pages embedded in the apps can all threaten your device's security -- and any accounts linked to it.

How to stay safe: Talk to your children about how to spot and avoid potential scams, and only allow them to download apps under your supervision -- where you can check the rating and comments left about an application. Buying and downloading games from reputable sources will also help.

See also:

7 of 11 CNET

2. Holiday Mobile SMS Scams:

When you choose to download apps or files from the web, FakeInstaller tricks Android users into thinking the download process is legitimate -- and may send SMS messages from your mobile to premium rate numbers without your consent.

How to stay safe: Double check the legitimacy of files and apps you are downloading.

See also:

8 of 11 Little Riot

10. Are you the one?

Romance scams are a constant threat to online users. Whether short or long term, users of dating sites are conned out of their hard-earned cash every day -- paying for an online person to deal with an emergency, or paying for them to visit. However, messages sent from a potential "love interest" can also include phishing scams, where the person accesses your personal information such as usernames, passwords, and credit card details.

How to stay safe: Log on to trustworthy dating sites, and no matter how nice the person seems to be, be extremely careful about giving out personal information -- and never give any money away.

See also: Essential apps for long-distance relationships

9 of 11 Panda Security

7. Waiting for gifts to arrive? Don't be fooled:

Fake shipping notifications can pretend to give you updates on product deliveries, but in reality, can be scams that carry malware and software designed to infect your PC and devices. Some may ask you to click on links and input bank or address details.

How to stay safe: If it looks suspicious, contact your bank directly via phone, secure website, or in-person, and never input any bank-based details. In addition, checking the domain name on shipping emails is usually a sure-fire way to check legitimacy.

10 of 11 ThreatTrack Security Labs

8. Gift cards that are not always what they seem:

Gift cards are an easy option in the holiday season, but deceptive social media ads touting exclusive packages and deals can lead to fake purchases.

How to stay safe: Check the domain name and reputation of a seller before making any purchases.

11 of 11 Charlie Osborne/ZDNet

9. Giving to charity, or a criminal's pocket?

Donating to charities is common this time of year, but cybercriminals capitalize on this -- and fake charity events and websites put donations straight into their pockets.

Emails and advertising campaigns may include the real charity's logo, details including the address, well-written pitches and links to donate online -- but don't be fooled. 

How to stay safe: Do background research on the charity you’d like to donate to, and do not give out personal information if you have the slightest suspicion things are not what they seem. Be aware that these scams often surface in the wake of disaster -- such as the recent typhoon in the Philippines -- and don't give in to guilt-laden pleas, images of disaster, or "suggested donations." Even better, decide in advance which charities you want to give to and contact them directly, rather than risk a potentially fake donation on a whim. 

Related Galleries

Hyundai Ioniq 5 and Kia EV6: Electric vehicle extravaganza

Related Galleries

Hyundai Ioniq 5 and Kia EV6: Electric vehicle extravaganza

26 Photos
A weekend with Google's Chrome OS Flex

Related Galleries

A weekend with Google's Chrome OS Flex

22 Photos
Cybersecurity flaws, customer experiences, smartphone losses, and more: ZDNet's research roundup

Related Galleries

Cybersecurity flaws, customer experiences, smartphone losses, and more: ZDNet's research roundup

8 Photos
Inside a fake $20 '16TB external M.2 SSD'
Full of promises!

Related Galleries

Inside a fake $20 '16TB external M.2 SSD'

8 Photos
Hybrid working, touchscreen MacBook hopes, cybersecurity concerns, and more: ZDNet's tech research roundup
Asian woman working at a desk in front of a computer and calculator

Related Galleries

Hybrid working, touchscreen MacBook hopes, cybersecurity concerns, and more: ZDNet's tech research roundup

8 Photos
Developer trends, zero-day risks, 5G speeds, and more: Tech research roundup
Person seated at a booth in a cafe looks at their phone and laptop.

Related Galleries

Developer trends, zero-day risks, 5G speeds, and more: Tech research roundup

10 Photos
Drive Electric Day: A dizzying array of EVs in sunny Florida

Related Galleries

Drive Electric Day: A dizzying array of EVs in sunny Florida

16 Photos