McAfee has released its "12 Scams of Christmas" list, warning shoppers of this season's biggest threats With Black Friday and Cyber Monday under our belts, the 2013 holiday shopping season is officially in gear. It’s the time of year for finding great gift bargains, helping people in your community, traveling to visit family and friends, and more. Cyber criminals also love the holidays, and they’re poised with an arsenal of attacks, ready to spoil your holiday cheer.You’re probably familiar with the song The Twelve Days of Christmas. That’s the song where the person ends up with 12 partridges in 12 pear trees by the time all is said and done, along with some random collection of maids-a-milking, lords-a-leaping, and drummers drumming, among other things. Well, McAfee compiled its own security-themed version called The 12 Scams of Christmas. Here is a quick rundown of the 12 scams:Not-So-Merry Mobile AppsHoliday Mobile SMS ScamsHot Holiday Gift ScamsSeasonal Travel ScamsDangerous E-Seasons GreetingsDeceptive Online GamesShipping Notifications ShamsBogus Gift CardsHoliday SMiShingRomance ScamsPhony E-TailersMost of the scams listed by McAfee are not unique to the holidays per se. There are fake shipping notifications, malicious apps, shady deals, and phishing attacks on any given day. What makes the holidays unique is that there are so many more legitimate emails, text messages, deals, and bargains, and people are so aggressively looking for holiday-related deals, so the opportunity for cyber criminals is exponentially greater.You can visit the McAfee 12 Scams of Christmas page for more detailed description of each of the scams. All 12 are relevant threats, but the ones that seem to stand out as the biggest risk are those related to great deals on hot gift items, awesome holiday travel bargains, gift card scams, and fake or spoofed holiday charities.[Eight tips for more secure mobile shopping] During the holidays, it’s more important than ever to use security best practices, and exercise a healthy dose of common sense. As a rule, if it sounds too good to be true, it probably is. No matter how much you wish it were true, retailers like Best Buy and Walmart are not in the habit of just randomly handing out free gift cards worth hundreds of dollars for the holidays, and you aren’t going to find roundtrip airfare to Europe for $100. Of course, there are a number of legitimate bargains to be found, and that’s what complicates things this time of year. There are three things IT admins should do to guard company networks and data against these holiday cyber scams. First, double-check your password and security policies to make sure they’re adequate. Second, make sure all platforms and applications are patched, and that your antimalware and other security software are up to date. Most attacks rely on exploiting known vulnerabilities, so this one step can help you identify and block many threats. Finally, the most important step—make sure users are aware of the increased threat. Remind users to be suspicious by default, and practice safe shopping. Only visit credible, reputable websites, and don’t open email attachments or click on links from unknown sources. With some common sense and basic security practices, you can avoid most threats, and enjoy the holiday season without becoming a victim of the 12 Scams of Christmas. Related content news Multibillion-dollar cybersecurity training market fails to fix the supply-demand imbalance Despite money pouring into programs around the world, training organizations have not managed to ensure employment for professionals, while entry-level professionals are finding it hard to land a job By Samira Sarraf Oct 02, 2023 6 mins CSO and CISO CSO and CISO CSO and CISO news Royal family’s website suffers Russia-linked cyberattack Pro-Russian hacker group KillNet took responsibility for the attack days after King Charles condemned the invasion of Ukraine. By Michael Hill Oct 02, 2023 2 mins DDoS Cyberattacks feature 10 things you should know about navigating the dark web A lot can be found in the shadows of the internet from sensitive stolen data to attack tools for sale, the dark web is a trove of risks for enterprises. Here are a few things to know and navigate safely. By Rosalyn Page Oct 02, 2023 13 mins Cybercrime Security news ShadowSyndicate Cybercrime gang has used 7 ransomware families over the past year Researchers from Group-IB believe it's likely the group is an independent affiliate working for multiple ransomware-as-a-service operations By Lucian Constantin Oct 02, 2023 4 mins Hacker Groups Ransomware Cybercrime Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe