On eve of Cyber Monday, crooks want to rip you off: Here's how to spot 12 cyber scams of Christmas

The season of goodwill is upon us – and cyber criminals are rubbing their hands in anticipation at how to take advantage of our generous festive feelings.

The Mail on Sunday reveals the 12 online scams of Christmas – looking at the most likely ways that thieves will try to empty our bank accounts.

1. Cyber Monday ID swindle

There is nothing like a day of frenzied online shopping to get the fraudsters out in force – hoping you lose your head in the search for a bargain.

Bad Santa: Cyber criminals are rubbing their hands in anticipation at how to take advantage of our generous festive feelings.

If you get an email from an online shop offering a Cyber Monday deal be wary. Tap the website details into an internet search engine to see if others have reported it as being dodgy.

Cheats want your ID – name, address, date of birth, bank details and password. Armed with this data, they can log on to websites and spend your cash.

2. Missing parcel fraud trap

If you arrive home to discover a card sitting on your doormat explaining that a parcel has been left in the porch – but find nothing there – you could be a victim of this scam.

Unbeknown to you a criminal may have hacked into one of your shopping accounts – Amazon for example – and gone on a spending spree using your debit or credit card details. Your details may have been stolen as a result of ID theft.

If you are signed up to a one-day delivery deal, often the criminal will know when to expect the order and be sitting outside your home in a car waiting to pick up the delivery. They might politely intercept the postman – or take the items put in a safe place where they have asked goods to be left.

3. Fake ‘missed you’ delivery card

Even that ‘missed you’ delivery card might not be genuine, but just a criminal ploy to steal your private information.

Many fraudsters print out cards that look like they have come from Royal Mail, but they use a fake phone number asking you to call to ensure a parcel is redelivered.

Unfortunately, at the end of the line is a cyber criminal or answer machine keen to hoover up your personal information so they can pretend to be you – and go on an online shopping spree in your name.

They might use your address or alter online shopping settings to deliver goods to another property.

4. Phoney postal service email

A fraudster pretends to be from a parcel delivery firm such as DHL explaining in an email that an attempt to deliver a parcel to your address has been made but no one was in.

To rearrange delivery you are asked to download a reference number. Attached to the email is a file that if opened downloads a computer virus on to your computer that steals personal details stored on the hard drive.

5. ‘Trojan horse’ malware attack

There is nasty software out there – known as malware – that can infect your computer with a virus and steal personal details while pretending to be your friend.

Because of concerns over cyber attacks at this time of year, many people click on pop-up windows that appear on their computer screen offering free security software. The irony is that the pop-up is often from a fraudster pretending to defend you when they are only interested in stealing your personal details. In the computer world, it is known as a ‘Trojan horse’ attack.

6. Man-in-middle harvesting

Be wary of using public wi-fi in places such as coffee shops because you could be a victim of ‘man-in-the-middle’ crime.

This involves criminals sending out their own copycat wi-fi signal from a special black box gadget that you latch on to by accident. They then spy on what you are doing – and harvest all your private information, including card payment details and passwords.

It often involves sending you a fake copy of a real website, such as the Amazon shop.

The result is that you end up tapping in private information directly to the criminal.

7. ‘Phishing’ with a discount hook

So-called ‘phishing’ expeditions try to lure you in with a hook – perhaps a £10 discount voucher from an online shop such as Amazon.

When you provide personal details to verify you are eligible, a fraudster uses your private information to go shopping on that website or go spending elsewhere.

Phishing is the term used for when an email is received that pretends to be from someone else.

8. Password theft by hackers

A key target for an online thief is your password. Once a fraudster has this you are particularly vulnerable as they can unlock a variety of online accounts and go shopping at your expense.

Over Christmas you are less likely to be keeping tabs on where money is coming and going – so are more vulnerable. Unfortunately, juggling passwords is a tricky business – which is why so many of us have easy-to-remember ‘weak’ codes.

A third of us use maiden or pet names and dates of birth as part of a password – something a hacker will try. Use a random mix of numbers and letters.

KEY TIPS TO COMBAT THE SEASONAL ONLINE MENACE

1) Never give out personal information to someone who asks for it or open strange email attachments.

Check that contact details of a package delivery firm are the same as those given in a phone book or found online.

2) Special discount offers and Cyber Monday promotions might be fakes.

Look at the email address from which the message has been sent. An unusual suffix should ring alarm bells. Contact the firm directly if unsure to check it is the real thing. Details of specific scams are often mentioned on the internet – along with email addresses to avoid.

3) Check your bank statement and look at the recent purchase history of any online shopping accounts that you may have. If you spot anything unusual, inform the bank and the website shop immediately. You should also cancel any payment cards that were used for purchases that cannot be verified.

4) Install security software that includes hard-to-crack passwords.

You can protect yourself with so-called virtual private network (VPN) anti-virus software.

Try a free VPN as offered by software firms, such as Avira and Sophos. You can pay from about £5 a month for such security that covers a full range of internet connected devices.

Such software might include the provision of encrypted passwords.

9. The dark web ‘long-lost friend’

People increasingly send seasonal greetings via email rather than card – occasionally as attachments with festive online messages.

But just because you recognise the name of the apparent sender does not mean you should automatically open the web page attachment – it could be a trick and include a computer virus.

Crooks often buy personal details of people off the so-called ‘dark web’ – illegal websites – to find targets. This can include a list of contacts that might include you. Attachments often have names that comprise gibberish letters and numbers.

10. Bogus ‘copycat’ website trick

Fraudsters steal money through bogus websites. You pay for a service that you will never get. The website may look official but the final suffix letters often give the game away. If you are looking forward to a short Christmas break you might consider using the room booking service Airbnb. In the past, cheats have used suffixes such as ‘co.com’ rather than the real ‘co.uk’. An ‘https’ prefix is much better as it is more secure than an ‘http’ address.

11. Brazen charity donation cheats

Fraudsters take advantage of seasonal goodwill by pretending to be charities – sending fraudulent emails directing you to bogus websites. The Charity Commission has a list of all good causes and their contact details. So check any emailed details against the Commission’s list.

12. Counterfeit goods rip-off

Even if you use a reputable website for shopping it still does not mean you have escaped the fraudsters – as you might be sent rip-off goods. If the price of an online gift looks ridiculously low you could be buying counterfeit goods.

Some websites dress themselves up to look like official selling sites for luxury brands such as Gucci. Again a suffix such as co.com should send an alarm bell ringing.

Some links in this article may be affiliate links. If you click on them we may earn a small commission. That helps us fund This Is Money, and keep it free to use. We do not write articles to promote products. We do not allow any commercial relationship to affect our editorial independence.