Yuliang Zheng, Ph.D.The holiday season brings joy and celebration, but it also sees a dramatic rise in cybercrime. According to the Federal Bureau of Investigation, 12,000 victims lost $73 million to online scams during the holiday season in 2022, with this trend expected to grow with the years.
Yuliang Zheng, Ph.D., chair of the Department of Computer Science at the University of Alabama at Birmingham, emphasizes that vigilance and caution are the best defenses against data breaches and online shopping, credit card and phishing scams.
Festivities go up, cybercrime goes up
Fraudulent online shopping websites mushroom during the holiday season to take advantage of consumers seeking cheaper products during the holidays.
Phishing scams and fraudulent text messages often promote popular items at “discounted” prices. Scammers lure victims with offers for TVs, electronics, makeup and even travel deals. Zheng recommends inspecting email headers and sender details, especially on desktop email apps, to verify authenticity.
“Fraudsters commonly use phishing emails, text messages, social media and even search engine results to capture people’s attention,” Zheng said. “Always scrutinize URLs, particularly those requesting personal information like login credentials or credit card numbers.”
Zheng also warns about AI-generated, authentic-looking phishing spams that are becoming increasingly common.
“Criminals are among the first adopters of advanced AI technology, using it to identify weaknesses in electronic systems and devising attacking strategies such as phishing messages and spams that look legitimate,” Zheng said. “Those AI-generated attacks may be harder to discern, hence people need to be more careful as we enter the AI era.”
Graphic by Jody PotterRisks of online shopping
Online shopping can put credit card and personal information at risk on both legitimate and fraudulent websites. To shop safely, Zheng advises confirming the legitimacy of websites, as scammers have become adept at making their sites look authentic.
“One common trick is using characters from foreign languages that resemble English letters to deceive people into believing they are on a legitimate site,” Zheng noted. “While these characters look similar, they lead to entirely different websites.”
To minimize exposure to credit card fraud:
- Avoid saving your credit card number on websites
- Use a one-time credit card number if available from a credit card provider
- Understand a credit card’s fraud protection policy
- Consider third-party payment services that conceal credit card numbers from merchants
Social media safety
Many people travel during the holidays and publicly post their location or activities/photos on social media, which carries its risks.
“Posting about travels is like announcing to the world, including potential criminals, that your home is empty,” Zheng warned. “It’s best to share photos after returning home.”
Another risk is account takeover, where scammers hack into social media accounts to send money requests to friends and family. Zheng suggests always verifying such requests with a direct phone call.
Things to do in case of a data breach
Data breaches are becoming extremely common. If one experiences a data breach, follow these steps for protection:
- Freeze credit to prevent new inquiries and accounts from being opened in your name
- Monitor your credit report to spot unauthorized activity
- Use a password manager to generate and store unique passwords for each account; using the same password across multiple accounts increases vulnerability
- Inform family members about potential scams to protect them from fraudsters who are impersonating youa