Don’t Get Scammed This Holiday Season: 5 Scams to Watch Out For

The holidays are a time for joy and celebration, but unfortunately, they’re also a prime time for scammers. With everyone busy and often distracted, it’s easier for cybercriminals to take advantage. To help you stay safe and protect yourself (and CSC!), we’re highlighting five common holiday scams to watch out for.

1. Phishing Emails: The Classic Trap

Phishing emails are a perennial favorite for scammers. They often impersonate trusted sources like executives, HR departments, or even vendors. These emails might contain links to fake websites designed to steal your login credentials or attachments laced with malware. Clicking on these can lead to identity theft, financial losses, or even data breaches for your company.

• Pro Tip: Before clicking on any links or opening attachments, especially in emails you weren’t expecting, take a moment to verify the sender. If something feels off, it probably is.

2. Vishing (Voice Phishing): The Personal Touch

Vishing takes phishing a step further by using phone calls. Scammers might call pretending to be from your bank, CSC HR, or even a colleague, urgently requesting sensitive information or immediate payments. The personal nature of these calls can make them incredibly convincing.

• Pro Tip: Never share personal information over the phone unless you’re absolutely certain of the caller’s identity. If you’re unsure, hang up and call the official number of the institution they claim to represent.

3. Unpaid Invoice Scams: Targeting Businesses

These scams target accounting and finance teams by sending fake invoices for goods or services that were never provided. Falling for this can lead to financial losses and damage relationships with legitimate vendors.

• Pro Tip: Always double-check invoices for accuracy and confirm with the vendor directly before processing any payments. A quick phone call can save you a lot of trouble.

4. Social Engineering: The Fake Charity Ploy

During the giving season, scammers often exploit our generosity with fake charity requests. They might impersonate well-known organizations and solicit donations for non-existent causes through emails or social media.

• Pro Tip: Before donating to any charity, especially if the request comes through an unsolicited email or social media post, verify the organization’s legitimacy through their official website or a reputable charity rating site.

5. Fraudulent E-Cards and Holiday Greetings: A Digital Trap

Receiving a holiday e-card can be a nice surprise, but be cautious of e-cards from unknown senders. Opening these could lead to credential theft or even put your network at risk.

• Pro Tip: When in doubt, don’t click! It’s better to be safe than sorry. If you’re unsure about an e-card’s legitimacy, delete it.

Staying Protected at CSC

At work, you have an extra layer of protection: the Phish Alert Report button. If you receive a suspicious email, use this button to report it immediately.

• Quick Note for Outlook Users: Sometimes Microsoft updates can hide the Phish Alert Report button. If you don’t see it, look for the ellipsis (…) or an arrow at the top of your Outlook toolbar. It should be located there.

Key Takeaways for Everyone:

• Pause, Examine, and Report: Be wary of unsolicited emails, phone calls, or messages.
• Verify Before Acting: Always verify suspicious requests before taking any action.

By staying vigilant and following these tips, we can all enjoy a safer and happier holiday season.