The holiday season is a prime time for cyber-criminals to exploit consumers who are spending more time and money online, traveling, and spending time with loved ones. Cybersecurity defenses are constantly being tested, as hackers strive to steal data and hold it for ransom. They’re also looking for ways to redirect wire transfers to fraudulent accounts motivated by big money, coupled with a low risk of being caught.

But you don’t have to be a victim. Learning to identify the telltale signs of fraud is your first and most important line of defense. Here are some common schemes that cyber-criminals use to trick their targets into opening an attachment, clicking a link, or revealing sensitive information:


  • Order or shipping confirmations with attachments or links to view or track items you didn’t order, even if they look credible.
  • Attachments claiming you won a prize for a sweepstakes you didn’t enter.
  • Messages instructing you to reset your password by clicking a link.
  • Unsolicited requests to purchase gift cards.
  • Unexpected requests to provide data or remit payment for services.
  • Communications inviting you to rate the U.S. Postal Service or another company by clicking a link.
  • Phone calls that appear to come from a family member in trouble who needs money right away.



  • Did I place an order for this item? If not, go straight to the source and check your receipts or order status on the vendor’s official website.
  • Do I remember entering this contest or sweepstakes? If not, it’s likely a scam. By clicking a link to claim your prize, you could infect your computer or mobile device with malware.
  • Would someone sending me a gift spoil the surprise by using my email address for order or shipping confirmation? If you didn’t receive the item referenced, the communication is likely a scam.
  • Was I recently locked out of my account or did I request a password reset? If not, a fraudster may have attempted to access your email account or impersonate a vendor to trick you into revealing your personal or financial data.
  • Would a friend or family member call me with an urgent request to send them money? If this is out of the ordinary or seems suspicious, it could be a fraudster using voice cloning to impersonate someone you know.



If something feels “off,” take a moment to check the credibility of the request before acting on it. Never assume it’s safe to click a link or open an attachment in any communication, even if the request appears to come from someone you know. Here are some pro tips to help protect yourself:

  • Never use the contact information provided in an unsolicited communication. It could lead you to a bad actor who is prepared to continue the ruse.
  • When hovering over a hyperlink in an email, check the URL to ensure it matches the organization’s official website.
  • Always be suspicious of changes to wiring instructions. Legitimate changes are extremely rare, even if they appear to come from your title company or closing agent.
  • Always contact the alleged sender of a communication using a verified phone number. Consider adding the number of title or real estate professionals you’re working with to your cell phone contacts for quick reference.

Educating yourself about the latest cyber-crimes and fraud schemes can help protect your funds and keep your holidays merry and bright.