The 5 biggest online holiday scams of 2021 — and how to avoid them, according to an expert

·8-min read

Yahoo Life is committed to finding you the best products at the best prices. Some of the products written about here are offered in affiliation with Yahoo. We may receive a share from purchases made via links on this page. Pricing and availability are subject to change.

Don't wonder if you've been scammed — protect yourself with Malwarebytes and best practices. (Photo: Getty)

The holiday season is the “most wonderful time of the year," but it’s also the most hectic time of the year. All of the shopping, decorating, cooking and entertaining set the stage for online scams.

“The reason why there's an uptick of online scams during holidays is because people are distracted,” says Adam Levin, one of the country’s leading cybersecurity experts and co-host of What the Hack, a podcast about protecting yourself from online scams.

“They're dealing with concerns about work. They're thinking about charitable giving. They are figuring out the holidays for the family [and] trying to find the perfect gift for somebody.”

Hackers know all of this, and they're ready to take full advantage of your partial attention. Online scams can rob you of money, important personal data or even your identity. Your first line of defense should be to invest in rock-solid cybersecurity software to help keep your system safe.

Malwarebytes Premium Multi Device is an industry-leading software that can help keep your online experience ultra secure and your online shopping seamless. It uses artificial intelligence and machine learning to safeguard your PC or Mac from viruses, malware and other malicious infections that can come from clicking on bad links or shopping on fraudulent websites. It steps in where human error can miss the obvious signs of malicious online activity.

Malwarebytes Premium is free for 30days. (Photo: Malwarebytes)
Malwarebytes Premium is free for 30days. (Photo: Malwarebytes)

Try Malwarebytes Premium Multi Device completely free for 30 days free, then pay just $4.99 a month to protect up to three Windows or Mac computers.

After you’ve installed Malwarebytes Premium Multi Device, your next layer of protection is best practices for online safety. We unearthed five of the biggest scams to watch out for during the holidays, and included Levin’s tips on how to avoid them.

Fake messages about past-due accounts

past due
Do you even have an account with them? (Photo: Getty)

Especially at this time of year, scammers will call you, or send you texts or emails, claiming that you’re past due on an account. It can be anything, from an account as small as your Netflix subscription to something as essential as your utility bills.

“Anything that has to do with a payment that you should have made or that you normally make,” Levin says, scammers will “try to convince you that you didn't make the payment. In some cases, you never even had the account to make the payment. In this period of joyful chaos, it’s an opening, and they take that opening any chance they get.”

The goal of this kind of scam, he says, is to provoke a panic reaction within you so that you’ll immediately hand over money rather than risk losing the service. Levin recommends taking a moment to pause before you react.

“Take a breath, which I know is difficult for a lot of people because they don't have a lot of time and they want to respond quickly,” he explains, “then go directly to your account for that particular product or service. Check your account, because one thing is for sure — if there's a problem, you'll notice.”

Fraudulent warnings about problems with your bank and credit card accounts

credit cards
Go straight to the source if you suspect your credit card account is compromised. (Photo: Getty)

One of the oldest and most prevalent online scams is thieves pretending to be part of your bank or credit card company.

“They love to call, or send emails or texts, trying to convince you that they are your financial institution and there’s a problem with an account,” Levin says. “Once that touches your bank, your credit card, your credit union, that's where they get people to panic because that's the source from which you draw the money or credit you need in order to make the purchases during holiday season.”

Even if the caller ID on your phone indicates that the call is from a legitimate institution, you should never give any personal information to a person who is calling you out of the blue.

“The ultimate rule — I don't care what it says on the phone and I don't care what they say to you — is to hang up,” he explains. “Always independently verify the number and the organization, and then call in directly. It's something as simple as flipping over your credit or your debit card and looking at the customer service line on the back, or going online and independently verifying the specific address of that organization.”

If there’s really a problem, you can sort it out once you call from a phone number you’ve found yourself, or by logging into your online account management site with a link you already have (not an internet search).

Shop it: Malwarebytes, try it for 30 days free and then then just $4.99 a month,

Package delivery messages for packages you didn’t order

Did you order those gifts? (Photo: Getty)

This one might seem like a no-brainer, but with the amount of packages delivered to your house — especially this year when online shopping is at an all-time high — it’s easy to lose track of things. Scammers will leave messages on your phone, or even go as far as hanging a tag on your front door. These are attempts to steal your personal information.

“Never authenticate yourself to anyone who contacts you,” Levin says, by giving away something as simple as your phone number for a delivery you don’t recognize. Even a thief having your phone number can create problems. Scammers could use that to get around two-factor authentication on your accounts by having your cell phone number and intercepting verification texts with codes to let you log in to sites you regularly use.

Websites designed to steal your money and personal information

fake website
It could be a fake website. (Photo: Getty)

There are many ways scammers can take your money through online purchases, but Levin pointed out two major areas of concern.

“The first thing is you have situations where people make purchases from legitimate websites, but unfortunately malicious code has been placed by the checkout on that website so that when you go to checkout, as you are providing information to the particular retailer, you are also unknowingly providing payment information and potential personal information to hackers,” Levin explains. “That's called skimming." One of the ways to avoid it is to use a trusted third-party payment service that allows you to avoid entering your credit card information for a purchase.

The other huge issue to look out for is fake websites that look like websites you know and trust. Many times, scammers will build sites that have just one or two letters missing from a URL — for example, a “.cm” ending rather than “.com,” — which is such a tiny difference that it can be easy to overlook.

“You have to be careful about that, and you need to make sure that you see the lock of the HTTPS, which shows you that it's digitally secure,” Levin says. If you’re unsure of a website, you can also search online for reviews of the site. “See if there have been any complaints about them. Heaven knows on the internet, if somebody's upset about a particular organization, they get very loud and then everyone else who's got an issue with that organization gets very loud.”

Another way to protect yourself is to use a credit card rather than a debit card when making purchases, because a credit card company is more likely to return your stolen money more quickly. “At this particular time of the year, the last thing you need is your credit or your cash tied up,” Levin said.

Shop it: Malwarebytes, try it for 30 days free and then then just $4.99 a month,

Social media charity scams

Scams abound around the holidays. (Photo: Getty)

Since people are inclined to donate more at this time of year, scammers are on the prowl, pretending to be legitimate charities asking for assistance for people in need.

“Every year, this seems to be more prevalent during the holidays,” Levin explains. If a charity contacts you, you can listen to the pitch, but don’t give directly to that person who’s calling you. “I know some people may think it's rude,” he says, “but if you decide you want to give, don't give based on any telephone conversation while you're on the phone. Go directly to the website of the charity or independently confirm the phone number of the charity and call the number they give. Then you can donate with relative peace of mind.”

He also recommends using a third-party website that verifies charities and allows you to click directly through their site to a verified donation link.

But, it’s not all bad news. It’s important to keep yourself educated about online safety, but the more you know, the safer you’ll be. “I think people are becoming more savvy as time goes on,” Levin says, "but it's still somewhat daunting to navigate the internet.”

Shop it: Malwarebytes, try it for 30 days free and then then just $4.99 a month,

Follow us on Instagram, Facebook, Twitter and Pinterest for nonstop inspiration delivered fresh to your feed, every day.

Want daily pop culture news delivered to your inbox? Sign up here for Yahoo Entertainment & Life's newsletter.

Our goal is to create a safe and engaging place for users to connect over interests and passions. In order to improve our community experience, we are temporarily suspending article commenting