The Christmas delivery parcel scam
“The number one thing I would focus on for the holiday season is parcel scams because there’s some really nasty ones around at the moment,” says Delia.
Scams tend to take one of two forms. In the first, victims may receive a call from someone purporting to be from a reputable postal service and claiming that they failed to deliver a parcel to them. The scammers will then seek a fee to redeliver it.
“We know that at Christmas time people think it must be a present and get all excited but, in fact, it’s a scam,” she said.
The second major form of the scam is a phishing email appearing to be from a reputable postal supplier but contains a web link to a malware site. When the user visits the site their computer is infected with so-called ‘ransomware’, which locks their files. The scammers then demand a fee to unlock the files.
Teresa Corbin, chief executive of the Australian Communications Consumer Action (ACCAN) said holiday periods were particularly problematic as they expand the potential pool of victims.
Ordinarily, she explained, scams would touch small business owners and older consumers that spend more time at home.
“Of course, at holiday time more people are at home during the day to take calls. Scammers are aware of that so you do hear more [scam] reports,” says Teresa.
Be vigilant online around Christmas
Daniel Kardane, product specialist with anti-virus software maker Kaspersky Lab, said that scam operators often tailored their activity toward online shopping during the Christmas season.
“It’s a very common thing this time of year because online shopping has grown a large amount recently and a lot of Christmas are Christmas shopping online,” says Daniel.
Again, scammers create fraudulent spam email carrying branding from a reputable and well-known online shopping service in an attempt to induce victims to download malware or divulge information that could be used to compromise them financially.
Consumers may also be particularly vulnerable to travel scams, which have become more common during the past year, the ACCC has warned.
Don’t open your door to identity fraud
The major one that the regulator has been monitoring exploits two major airline brands. The scammers contact potential victims by phone asking them to claim travel credits that they’ve won as a reward for recent travel. They then advise the victim that they need to reveal credit card details and personal information to claim the reward.
“It’s a classic identity fraud,” says Delia. There are no travel credits, “What in fact happens is that money goes out of your wallet … we’ve had a huge number of complaints on that scam.”
The ACCC also recommend that consumers take extra steps when dealing with charities soliciting money at this time of year. “If you want to give money to charity, do a Google search and get their proper website or go to the Australian Charities and Not-for-profits Commission. They have links to all registered charities,” says Delia.
She said that the season might also lead to a rise in scams exploiting major bank brands. In this case, scammers may call victims claiming that they need to rectify unauthorized transactions on their account in an attempt to commit identity fraud. “If you get one of those calls, hang up and contact your bank through their official numbers,” she advised.
Steve Hui, an expert in redeeming flight points, and CEO of iFLYflat says, “Amex actually has travel credits linked to some of their credit cards, but you need to redeem these online. They certainly don’t call you.”
Steve further adds, “Definitely don’t deposit any money into someone’s bank account, because those funds cannot be reversed. At least if you do make the error with giving out credit card details, you can dispute the transaction.”
Some use these systems for marketing purposes, whilst others, use it with more malicious intent – to scam you.
Scammer’s spoof real-name companies
You cannot blindly trust any form of communication, be it electronic or over the phone, as it’s very easy to ‘spoof’ the origination. According to Andrey Shirben, founding investor at Avantgard, the Australia-Israel Cyber Centre:
“Some basic precaution measures should be taken, such as not clicking on any links within your email. Even if these links are coming from your contacts, as their computer could be infected – spreading malicious content.”
Andrey further adds, “Also, if you’re getting an unsolicited phone call from someone who claims to be from your utility, bank, super fund etc. And, at the start of the call you’ve been asked to provide identification details for ‘security purposes’ – refuse to do so, hang up, and call the centre yourself.”
Keep in mind that most Australian companies usually use your D.O.B. and email address as a means to authenticate a person – which, are easy to find on the web. A good rule of thumb is to “double check” the person that’s contacting you “is” who they say they are.
*Originally published: December 22nd 2016. Updated December 21st 2017.