McAfee has released its "12 Scams of Christmas" list, warning shoppers of this season's biggest threats With Black Friday and Cyber Monday under our belts, the 2013 holiday shopping season is officially in gear. It’s the time of year for finding great gift bargains, helping people in your community, traveling to visit family and friends, and more. Cyber criminals also love the holidays, and they’re poised with an arsenal of attacks, ready to spoil your holiday cheer.You’re probably familiar with the song The Twelve Days of Christmas. That’s the song where the person ends up with 12 partridges in 12 pear trees by the time all is said and done, along with some random collection of maids-a-milking, lords-a-leaping, and drummers drumming, among other things. Well, McAfee compiled its own security-themed version called The 12 Scams of Christmas. Here is a quick rundown of the 12 scams:Not-So-Merry Mobile AppsHoliday Mobile SMS ScamsHot Holiday Gift ScamsSeasonal Travel ScamsDangerous E-Seasons GreetingsDeceptive Online GamesShipping Notifications ShamsBogus Gift CardsHoliday SMiShingRomance ScamsPhony E-TailersMost of the scams listed by McAfee are not unique to the holidays per se. There are fake shipping notifications, malicious apps, shady deals, and phishing attacks on any given day. What makes the holidays unique is that there are so many more legitimate emails, text messages, deals, and bargains, and people are so aggressively looking for holiday-related deals, so the opportunity for cyber criminals is exponentially greater.You can visit the McAfee 12 Scams of Christmas page for more detailed description of each of the scams. All 12 are relevant threats, but the ones that seem to stand out as the biggest risk are those related to great deals on hot gift items, awesome holiday travel bargains, gift card scams, and fake or spoofed holiday charities.[Eight tips for more secure mobile shopping] During the holidays, it’s more important than ever to use security best practices, and exercise a healthy dose of common sense. As a rule, if it sounds too good to be true, it probably is. No matter how much you wish it were true, retailers like Best Buy and Walmart are not in the habit of just randomly handing out free gift cards worth hundreds of dollars for the holidays, and you aren’t going to find roundtrip airfare to Europe for $100. Of course, there are a number of legitimate bargains to be found, and that’s what complicates things this time of year. There are three things IT admins should do to guard company networks and data against these holiday cyber scams. First, double-check your password and security policies to make sure they’re adequate. Second, make sure all platforms and applications are patched, and that your antimalware and other security software are up to date. Most attacks rely on exploiting known vulnerabilities, so this one step can help you identify and block many threats. Finally, the most important step—make sure users are aware of the increased threat. Remind users to be suspicious by default, and practice safe shopping. Only visit credible, reputable websites, and don’t open email attachments or click on links from unknown sources. With some common sense and basic security practices, you can avoid most threats, and enjoy the holiday season without becoming a victim of the 12 Scams of Christmas. Related content brandpost How an integrated platform approach improves OT security By Richard Springer Sep 26, 2023 5 mins Security news Teachers urged to enter schoolgirls into UK’s flagship cybersecurity contest CyberFirst Girls aims to introduce girls to cybersecurity, increase diversity, and address the much-maligned skills shortage in the sector. By Michael Hill Sep 26, 2023 4 mins Back to School Education Industry IT Training news CREST, IASME to deliver UK NCSC’s Cyber Incident Exercising scheme CIE scheme aims to help organisations find quality service providers that can advise and support them in practising cyber incident response plans. By Michael Hill Sep 26, 2023 3 mins IT Governance Frameworks Incident Response Data and Information Security news Baffle releases encryption solution to secure data for generative AI Solution uses the advanced encryption standard algorithm to encrypt sensitive data throughout the generative AI pipeline. By Michael Hill Sep 26, 2023 3 mins Encryption Generative AI Data and Information Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe