Skip to main content
Assorted holiday gift cards

‘Tis the Season to Avoid Holiday Scams


‘Tis The Season to Avoid Holiday Scams

Scammers use the Holidays to glean your personal and financial information and infect your computer with identity-stealing malware.  Here are the top 4 schemes, and how to avoid them.

  1. Bogus Email Notifications claiming to be from FedEx, UPS, DHL, or the US Postal Service has a delivery for you. Don’t click, because if you do, malware is delivered to your computer.  These fake notices typically lack your name, a tracking number, and may be sent via Yahoo or Gmail.  They lack a legitimate “” address.  Before you click on the link, type in the courier company’s website address to authenticate it.
  2. Links on social media or through search engine results that are touting bargain prices, or the latest hot gift idea can contain malware. These scams are trying to steal your credit card information or sell you inferior counterfeit goods.  Carefully read website addresses for slight tweaks, such as extra letters or words (i.e. Favorite Brrcom) or websites that don’t end in the usual .com or .org.  Only give credit card numbers on legitimate sites that that have an address beginning with https:// – the “s” brings security.
  3. Charity cons are very popular with this time of the year for tax write-offs. Some “hot-button” causes claim to benefit police, firefighters, veterans, sick/needy children, victims of natural disasters. Ignore all email solicitations.  Watch for imitative words, such as “National” rather than “American” in a well know name.  Unless you dialed the call, don’t provide a credit card number over the phone.  Before donating, verify an organizations legitimacy at or or
  4. Free giveaways offered on websites. Unless it is offered on websites of trusted retailers, assume it’s another ply to install malware or “phish” for sensitive information.  Holiday-themed screen savers and phone ringtones can also contain malware.  Promises of free vacations want you to join as long as you give them your credit card number for a “deposit.”

Finally, delete any e-card greeting that arrives with no specific, recognizable name.  If the notification contains a confirmation code, first go the issuer’s website and then put in the code, such as