While the holidays can be a joyous time, it’s not all bright lights and sugar plums. Unfortunately, cooler temperatures and extra demands encourage an uptick in scams and fraud amidst the overall increase in spending. It’s in this blizzard of holiday transactions that nefarious actors can be lying in wait to snatch something even more precious than your figgy pudding: your digital assets and information.
After 25 years working in regulations, compliance, and financial crime, and with a prior background in law enforcement, I’ve learned you’ve got to be ready to protect yourself against a variety of Grinches and Scrooges in December. From spoofing attacks, to unsolicited calls and messages, to malicious hardware and software, there are ample reasons to remain vigilant. Come along as we unpack some of the threats that could be lurking in your stocking.
Keep a frosty demeanor
While we’re all prone to receiving a mountain of well-wishes around the holidays, unknown numbers reaching out via voice or SMS could try a variety of escalating tactics to get you to give up your information. However, despite the many options available in a cyber criminal’s toolkit, most prove useless without a point of access. That’s why it’s important to limit your exchanges with unknown numbers, even if they’re coming from a North Pole area code.
This same principle applies when looking at a digital text. Unless you’re certain of the sender, be on the lookout for bad grammar, typos, syntactical errors, or other obvious mistakes that could reveal an ulterior motive. Oftentimes, when something looks fishy, it is. If you’d think twice about opening a mysterious gift that rang your alarm bells, this should go doubly for unknown links.
In turn, verifying the credibility of a product, tool, or service via a trusted third-party site or search engine can help weed out bad actors. While encrypted systems, VPNs, and multi-factor authentication can help shore up your defenses, there’s no substitute for keeping your head.
Read between the lines
Scammers often appear urgent when communicating to hasten the interaction. Just like an ice patch, this can throw you off balance to elicit a response before you have time to assess the situation. In these moments, take a beat to reassert control, tread carefully, and ask yourself a few simple questions before taking further action: Do I know the person or entity contacting me, have I had an interaction with them before, and is their contact information valid?
Whether they’re claiming to be a reputable institution, a colleague, or superior, confirm their phone number or email address, and reach out directly to corroborate their identity if anything appears remotely questionable.
For example, here’s a message I received just the other day:
Hi, Mark!
Listen, i need you’re help with soemthing. There’s a problem with my slay, and i
need 2 get it fixed! Can you plz send along BTC to help??
don’t make m e put you on the naugty list!
Kris K.
As you might imagine this note stood out to me immediately. Were the holidays in trouble? Could my BTC really help? Then I noticed the spelling mistakes and grammatical errors, and paused to reassess the situation: Is it possible this person, in fact, is not the big man himself? Thankfully, by taking a beat and keeping a cool head, I was able to hold on to my digital assets, and avoid being duped by a yuletide imposter.
Keep sensitive information under wraps
Whether you’re sending out a warm seasonal greeting or whispering your wishlist to a bearded man at the shopping mall, these are both examples of privileged information. it’s important to never discuss private information with anyone whom you did not contact directly, or have a valid reason for disclosing that information to them. Tactics such as phishing scams aim to manipulate your trust, and will often impersonate bosses and authority figures as a means to that end, as my note from the bad Santa above demonstrates.
Lastly, never connect found or mysterious hardware such as USBs to your devices, no matter how nicely they’ve been giftwrapped. Only interact with trusted systems and products of which you know the origin to avoid letting viruses and malware spoil the party. If you’re not very tech savvy, reach out to a friend or family member who can help.
Don’t let financial crime ruin your good cheer. Keep your wits about you and stay safe this holiday season!
Disclaimer: Information provided by CEX.IO is not intended to be, nor should it be construed as financial, tax or legal advice. The risk of loss in trading or holding digital assets can be substantial. You should carefully consider whether interacting with, holding, or trading digital assets is suitable for you in light of the risk involved and your financial condition. You should take into consideration your level of experience and seek independent advice if necessary regarding your specific circumstances. CEX.IO is not engaged in the offer, sale, or trading of securities. Please refer to the Terms of Use for more details.