Holidays and Social Networking Identity Theft Scams

Identity theft scammers come in many different varieties. Some are quite crude in their methods of obtaining an identity. This can be seen in those who will dig through your garbage or try to steal your mail out of your residential mailbox. Then there are those who have moved along with the times and are keenly aware of new trends in technology and social interaction. An example of this can be found in those who exploit technology and the current trends within social engineering. You may think that the term “social engineering” sounds pretty cool and is a safe pastime that you can use to get “connected” with others. However, social engineering can be a vehicle for deception in which unethical individuals will try to manipulate others in order to coerce them into revealing personal data. This personal data could then be used for the purposes of identity theft. The most common means of trickery is perpetrated by playing on the emotions of the victims.

What information is sought through social engineering?

The primary information target of social engineering can be any personal data which will allow a bogus account to be set up. This includes credit card numbers (with the CVC, CSC, CCID, etc. ID number), Social Security numbers, access codes, PINs, account numbers and other valuable pieces of information. There have even been instances of victims being tricked into directly handing over money to criminal social engineers.

Various holidays are especially advantageous to scammers, since they are usually attached to some sort of emotion. These don’t need to be major holidays, such as Christmas. The feelings of love (or loneliness) attached to Valentine’s Day will do just fine. Here, you may find a spyware keylogger as an email attachment informing someone that an admirer has sent them a “Valentine’s Day card”.

Anytime that you find consumers in a deeper emotional state, you will find those that are ready to take advantage of the situation. In these cases, criminal social engineers are waiting for people to let their guard down. Beyond email, these attacks may also be undertaken over the phone, by regular mail or even in person. Social networking websites, such as Facebook and Twitter are especially vulnerable.

The financial approach to identity theft

You need to be careful when it comes to offers that promise to help you earn extra money for the holidays. These offers will usually sound too good to be true, though. This is also the case with offers to work towards a huge discount on a holiday gift item. These types of scams increase significantly in volume when the economy is down and more people are out of work. With this type of a scam, the thief will request information, such as a info from a bank account or Social Security number (usually both) in order to “pay” the victim for the work requested. This may even include obtaining personal data that is used for paying bogus fees associated with the fake job scam.

You should beware of prices that are way too low to be realistic for holiday item “sales” from fraudulent companies. Once a person clicks on a provided link, they can be taken to a fake website that is only designed to collect personal data. This is done under the pretence of placing an order. This can be avoided by using a search engine to look up an authentic retailer’s website. Never use a link found on a social networking site or one sent by email.

For most purchases, it pays to do a little research before you decide to buy. Check out a company’s name and see what others have to say about it. You should think twice about even making a purchase from a link posted on a legitimate website. This means that you should refrain from making a quick impulse buy. Not only can you avoid an identity theft situation – but you might find a better deal elsewhere.

Various scam monitoring sites have posted a number of social networking holiday-specific scams. These can include holiday jingle websites that are infused with malware. Telephone calls can be received that purport to be from financial institutions or credit companies that wish to “verify” your personal data, such as a Social Security number. Partial information may have been obtained from a social engineering website.

So-called holiday lottery winnings may also be reported to a victim. The scammer will then ask for personal information for “verification” purposes. If you are requested to wire money to an offshore account (after receiving a fake advance payment check) in order to cover “taxes” – just ask yourself, “Did I even enter this lottery?”

Whether it’s a social engineering “friendship, a holiday or anything else that plays on the emotions identity thieves are always waiting. The best thing that can be done is to stop and think before making any commitments.

Notify of
Inline Feedbacks
View all comments

Jump to:

Would love your thoughts, please comment.x