Voice of the Industry

You better watch out! You better not click! – When cybercriminals want to spoil the holiday season

Thursday 9 February 2023 10:13 CET | Editor: Irina Ionescu | Voice of the industry

Scott Augenbaum, Cybercrime Prevention Speaker & Retired FBI Supervisory Special Agent, discusses the cyber dangers of the holiday season, emphasizing on Cyber Monday and Cyber Tuesday, some of the busiest times of the year for both merchants and fraudsters.


The holidays! You’ve got to love this time of the year.

It all begins with Thanksgiving – that time when we eat way too much turkey and pie, watch football and Macy’s parades, all while avoiding heated political discussions with angry family members. However, as the holiday shopping season draws closer, Thanksgiving serves as a wake-up call.

Even before Thanksgiving, there are many deals you could take advantage of simply by shopping on your phone, but is there a catch? With the growing popularity of online shopping, stores are willing to push Cyber Monday closer to Thanksgiving Day. Moreover, Americans spend 95 million hours or roughly 3.5 hours per person, on average, browsing for treats and sales during Cyber Monday, which underlines the high stakes of the event.

Cybercriminals don’t celebrate Thanksgiving

But when they do, they’re biting into turkey legs as they relentlessly prey on victims behind a computer screen. As we add items to our online carts, they are celebrating in a different way. This is the unfortunate time that might be referred to as ‘Cybercrime Tuesday.’

Stay ahead of a cybersecurity scandal on Tuesday morning

On Cybercriminal Tuesday, everyone receives an email that looks as if it was sent by Amazon, Best Buy, Target, Walmart, FedEx, UPS, or even the USPS, which may read: ‘Your package has been delayed in shipping!’ or ‘Your item is out of stock!’ or ‘Your credit card is invalid’.

The email then directs you to click on a link, to log into your account and rectify the issue. Many gullible people click on it, which turns into millions of opportunities for a team of con artists to score a big payday.

What happens when you click on the link? 

  1. You click on the link and get redirected to a phishing website, where you log in with your account credentials. At this time, the cybercriminal uses your account to max out your credit card and later sells the goods they purchased.

  2. You click on the link and malware is installed on your device, which steals your username and password for all your sensitive accounts.

  3. You click on the link and ransomware encrypts your entire home network and turns off all your smart devices - TVs, appliances, lights, cameras, and alarms until you pay the ransom, potentially impacting your privacy and the security of your loved ones. 

Expect (and suspect) all emails to be phishing emails

Cybercriminals are going to ramp up their efforts as we get closer to Christmas Day. So, even if you think that link is legit, do not click on it. Instead, log into your account from the browser and only get in touch with the customer service from the website you shopped, to avoid being scammed.

Cybersecure minds: Tips to make your holiday shopping more secure

Blue Christmas, White Christmas, Black Friday, Cyber Monday – we did it. We’re now past Thanksgiving, ready for the shopping frenzy that comes with the kick-off to the holiday season.

If you are like most folks, you took advantage of some great deals online and stockpiled your gifts for family and friends. This is when cybercriminals start unraveling their plans for their next big payday. And, while we wait for our first wave of packages to arrive, they will start sending out their first wave of phishing emails.

How can you be sure it’s real or a hoax?

The first step is already done: you are aware that this could happen to you. You must also be sure to read your emails carefully and look at where the email is coming from.

Ten times out of ten, phishing emails will direct you to click on a link to resolve the problem when, in reality, you will be redirected to a false website (that looks incredibly similar to the original one), and asked for your credit card number, account number, or login information.

Avoid the hassle by going to the original website to log into your account. Nine times out of ten there will not be a problem at all.

If it looks too good to be true, it probably is

While some deals are incredible, be wary of amazing price drops. Only shop at reputable retailers, directly from their website and not from your email, as it could be the difference between having your money stolen and having a happy holiday.

Do your research and be wary of fake websites. Fraudsters may even write fake reviews, trying to get you to believe you are getting the deal of a lifetime, so don’t fall for it.

The most important piece to any real or fake transaction is the money component

How do you pay for your purchases after ensuring the shopping link is secure? Which method is better – debit or credit cards?

You should only use your credit card for online transactions, not your debit card. Acredit card is not attached to your bank account so you can later dispute a false transaction, in case you fear the fraudulent use of your credit card info.

However, when fraudulent charges are on your debit card, the money is removed from your checking account and you are then forced to work with the bank to have the funds redeposited in your account. You will need to file affidavits stating the charges are not yours and, in many cases, the banks require a police report. In some circumstances, it may take a couple of weeks to fix the problem, if it can even be resolved.

Remember your cybersecurity is in your hands. Don’t let it get into the wrong ones! Happy shopping and happy holidays!


This editorial is part of The Paypers' Fraud Prevention in Ecommerce Report 2022-2023, the ultimate source of knowledge that delves into the world of fraud prevention, revealing the most effective security methods for companies to stay one step away from bad actors and secure their businesses. 

About Scott Augenbaum

Scott joined the Federal Bureau of Investigation (FBI) in the New York Field Office in 1988 as a support employee. In October 2003, Scott was promoted to Supervisory Special Agent in the Cyber Division, Cyber Crime Fraud Unit. Since retiring from the FBI in early 2018, Scott shares his knowledge by consulting with individuals, groups, and businesses of all sizes. If you are interested in booking Scott or learning more, you can reach out through his website or by writing to wayne@waynehalper.com.

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: cybercrime, cybersecurity, scam, online fraud, fraud management, fraud detection, fraud prevention, identity fraud, Black Friday, credit card fraud, payment fraud, debit card, credit card
Categories: Fraud & Financial Crime
Companies: FBI
Countries: United States
This article is part of category

Fraud & Financial Crime


Discover all the Company news on FBI and other articles related to FBI in The Paypers News, Reports, and insights on the payments and fintech industry: