The time has come: Malls will open, prices will drop and web traffic will skyrocket. Millions of customers will flock to online stores, buying everything from smartwatches to televisions, and the parcels will flow.
Most customers will use familiar retail sites like Amazon, Target and eBay. But others will scavenge the internet for less-popular gifts and unbelievable bargains.
Buyer beware: The holiday season is also phishing season. As online transactions balloon over the next few weeks, cybercriminals will have a field day trying to nab credit card and personal data.
A recent study demonstrated that in 2014 and 2015, phishing scams at the end of the year rose by 9 percentage points. Normally, about a third of phishing attacks are "financial," but around the holidays those kinds of attacks rise to nearly half.
Share of financial phishing in overall number of phishing attacks 2013-2016.
In this case, financial phishing usually refers to credit card information, but cybercriminals may have their sites on other personal data as well, such as your PIN numbers, your social security number and your home address. Most banks will sort out fraudulent purchases in a few weeks, but identity theft can haunt you for a long time.
Here are three ways that hackers try to trick you into parting you with data, and what you can do about it.
1. Phishing scams
Phishing techniques usually come in the form of spam emails advertising special sales and phony gift cards. The most recent example was a massive email scam purporting to be from Amazon. But more sophisticated con artists will set up realistic-looking online shops. To put it mildly, if one of these merchants receives your payment information, you will get more than you bargained for.