Email scams significantly rise during the holiday season, exploiting higher online spending and increased inbox traffic. Cybercriminals use familiar tactics, modifying them to fit seasonal themes, seeking to steal money and personal information from unsuspecting recipients.
Email scams surge during holidays are targeting online shoppers
Google identifies three prominent scams this holiday season: invoice scams, celebrity impersonation scams, and extortion scams. In invoice scams, recipients receive fake invoices demanding payment, often inciting panic that leads to impulsive responses. Celebrity scams leverage the likeness of public figures to tempt users into clicking on fraudulent links or making purchases for non-existent endorsements. Extortion scams threaten to reveal personal information unless a payment is made, leveraging fear to coerce compliance.
The increase in holiday-related emails makes it easier for scammers to blend into legitimate communications, thus complicating detection efforts. The prevalence of online shopping means individuals are more likely to fall for phishing attacks disguised as order confirmations, shipping updates, or donation requests to charitable organizations. Many scams exploit the goodwill fostered during the season, encouraging users to act quickly without verifying the email’s legitimacy.
The scams you’ll regret ignoring in 2025
Common tactics include fake online stores, which mimic well-known retailers by using look-alike domain names and email templates, thus tricking consumers into making purchases for counterfeit goods or receiving nothing at all. Similarly, charity scams pose as genuine requests for donations, taking advantage of the festive spirit to deceive individuals into contributing to fraudulent causes.
Other prevalent scams include fake shipping notifications, which create urgency by claiming packages are held up due to customs issues or missing information. These emails often contain links to phishing sites designed to harvest personal information or payment details. Additionally, holiday flash sales and offers are a rich breeding ground for scammers, who send emails urging haste to claim deals that are often non-existent or require sharing sensitive information.
Gift card scams can occur on both consumer and organizational levels, especially during year-end holidays when gift card purchases increase. Cybercriminals impersonate company executives to trick finance teams into purchasing large amounts of gift cards, while consumers may receive fraudulent emails claiming discounts from reputable brands, resulting in financial losses.
It’s crucial for users to set up protective measures against these scams. Google recommends the following strategies:
Best practices for holiday scam prevention
- Slow down: Scammers often use urgent language to provoke panic. Take time to analyze emails.
- Double-check: Verify the sender’s email address and scrutinize links before clicking.
- Do not disclose personal information: Avoid sending personal or financial information without confirming authenticity.
- Use trusted sources: Purchase only from reputable vendors and cross-check any offers or sales directly through official websites.
- Enable multi-factor authentication: Set strong passwords and employ layered security on accounts to minimize unauthorized access.
- Report scams: Use reporting features in your email client to help protect others.
Cybersecurity experts highlight the importance of awareness, urging users to recognize signs of fraudulent activity. Checking web addresses for spelling errors, ensuring the presence of a padlock symbol for secure sites, and seeking reviews prior to interacting with unknown platforms are all vital steps in mitigating risks.
Featured image credit: Kerem Gülen/Midjourney
