Cybersecurity Experts Warn Of Evolving Holiday Scams

ShareWith the holiday season here, it’s not only a time for magic and celebration but also a prime opportunity for fraudsters to exploit the festive rush for gifts and bargains. Amid the sparkle of year-end celebrations, cybersecurity experts at Kaspersky have identified several prominent scams targeting consumers across various regions and languages. Deceptive online stores...The post Cybersecurity Experts Warn Of Evolving Holiday Scams appeared first on New Telegraph.

featured-image

With the holiday season here, it’s not only a time for magic and celebration but also a prime opportunity for fraudsters to exploit the festive rush for gifts and bargains. Amid the sparkle of year-end celebrations, cybersecurity experts at Kaspersky have identified several prominent scams targeting consumers across various regions and languages. Deceptive online stores mimic the look and feel of legitimate ecommerce sites, offering seasonal items such as decorations, gifts, and even trees at steep discounts.

These sites often appear highly localised, adapting their language and currency based on the user’s geographic location, leveraging data extracted from browsers. Victims typically encounter these stores by following links in ads or pop-ups. These sites aim to steal funds.



Often, these fraudulent stores exist only for a short period, as they get flagged by the vendors of goods. This scam plays on the allure of free services, claiming to provide free mobile data valid across all major telecom providers. In order to receive the free data, victims are required to share the promotion link with 10–15 contacts via WhatsApp, ensuring the scam spreads exponentially.

After sharing, victims are prompted to enter their personal details — name, phone number, and email — into a form. The collected data is then sold on the Dark Web or used in other fraudulent activities. In some cases, victims unknowingly download malware that compromises their devices, leading to further exploitation.

Fraudsters impersonate government authorities, promising fictitious payments in celebration of the holidays. This scam has been reported in several African countries, including Kenya and Nigeria. To receive payment, victims are directed to fill out a survey which requires personal details like name and phone number.

Once the survey is completed the user is asked to share the link to the announcement with their connections via WhatsApp. These details are collected and added to fraudulent databases, then sold to third parties or used for phishing attacks and identity theft. This scam exploits trust in government systems and the festive spirit of giving.

This scam begins with a seemingly harmless email promoting a holiday cake recipe. Victims are encouraged to pay a small fee to access the recipe. Once payment is made, the victim’s credit card information is stolen.

The fraudsters also collect other personal information essential for accessing banking services. “Holiday scams are not a new phenomenon, but they have evolved to become increasingly sophisticated, leveraging regional traditions and technology to exploit unsuspecting victims. The rush of the holidays makes people more vulnerable — they’re distracted, eager to grab a deal, or trust promotions that align with festive themes.

Cybercriminals are not just stealing money — they’re building massive databases of personal information that fuel future fraudulent schemes. The holiday season is a time for joy and giving, but users need to remain vigilant to ensure they’re not unknowingly giving fraudsters the tools to exploit them further,” says Olga Svistunova, Senior Web Content Analyst at Kaspersky. Two months ago, it was reported that the global cost of Cybercrime was projected to exceed $10.

5 trillion by end of this year. Technology experts, therefore, called all stakeholders to forge stronger collaboration between public and private sectors to navigate the increasingly complex cyber environment. Experts at the 2024 Cybersecurity Conference, jointly organised by the Central Securities Clearing System Plc (CSCS) and the Office of the National Security Adviser (ONSA) also called for AI-driven solutions to guard Nigeria’s critical infrastructure.

Disclosing the staggering economic cost of cybercrime, which is projected to exceed $10.5 trillion globally this year, Mr. Haruna Jalo-Waziri, the Chief Executive Officer (CEO) of Central Securities Clearing System Plc (CSCS), cited the 2024 Cybersecurity Ventures Report to highlight the grave threat of ransom attacks.

He warned of the rapid rise in ransomware attacks, which according to him have surged by 45 per cent, citing Check Point Research. “Social media are amplifying misinformation, and that poses new challenges for critical infrastructure. We need to build trusted networks and create air gaps to shield ourselves from emerging risks,” Jalo-Waziri cautioned.

The high-profile event which held in Abuja attracted leaders from military, technology, finance, and government sectors, united by a common goal: leveraging artificial intelligence (AI) to protect Nigeria’s critical infrastructure from escalating cyber threats..