Holiday 2021 – Types Of Scams & Cyber Attacks To Be Alert For

What To Avoid & Watch Out For!

A SCARS Special report

Remember That Everyone Can Be Scammed!

So Be Careful!

Are you scam smart and cyber conscious?

Scammers ramp things up during the Holiday Season and more than ever you will be targeted!

Are you knowledgeable enough to AVOID • DISCOVER • RECOVER from scams?

Pay attention to the following types of scams, but remember these key points:

  • Don’t talk to strangers that contact you online – over 95% will be scammers and you can’t always tell!
  • Anyone that asks a stranger for money or help is a scammer!
  • Anyone that contacts you and gets immediately romantic is a scammer.
  • Governments do not contact you online!
  • Be especially careful of buyer/seller scams – even Amazon has fake resellers, eBay even more, and Alibaba & Crags List is choked with them!
  • Trust NO ONE!

Remember, your data is at high risk and is highly valued by cybercriminals.

The Standard Set Of Personal/Relationship Scams

Romance/Relationship Scams

You have heard it a million times, don’t talk to strangers online when they contact you! You may be lonely and vulnerable, looking for someone during this holiday season, but this is when it is most dangerous. You will not be thinking clearly regardless of what you think!

Millions of people use dating sites, social media platforms, and chats or messaging to meet people. You can even meet people by playing online games!

Some forge real successful relationships. But scammers also use these same platforms and sites to target potential victims. They create fake profiles to appear real and build trust and eventually convince people to send money in the name of love.

Some even make wedding plans before disappearing with the money. An online love interest who asks for money is almost certainly a fraudster or scammer (whatever word you prefer.) Romance Scams operating from Africa, Latin America, and Asia often use local money mules to receive victim payments and transmit proceeds to perpetrators. Sometimes, perpetrators of Romance Scams convince victims to serve as money mules, receiving illegal proceeds of crime and forwarding those proceeds to perpetrators. For example, Romance Scam victims often are induced to receive payments and/or goods such as technology equipment procured through fraud and to forward those payments and goods directly or indirectly to perpetrators.

But remember, not all scammers are just in other countries. Many scammers will be operating in your own country!

Social Security Impostor Scam

Social Security Administration imposters contact prospective victims by telephone and falsely claim that the victim’s Social Security number has been suspended because of suspicious activity, or because it has been involved in a crime. They ask to confirm the victim’s Social Security number, or they may say they need to withdraw money from the victim’s bank account and to temporarily store it on gift cards or in other unusual ways for “safekeeping” the victim’s money. Victims may be told their accounts will be seized or frozen if they fail to act quickly. Always ignore these and call the official agency phone number if you want to confirm.

Perpetrators often use robocalls to reach victims. Victims may be told to “press 1” to speak to a government “support representative” for help reactivating their Social Security number. They also use caller ID spoofing to make it look like the Social Security Administration is calling. With such trickery, perpetrators convince victims to give up their Social Security numbers and other personal information. Social Security Administration imposters operating from abroad often use local money mules to receive victim payments and transmit proceeds to perpetrators.

Regardless of what country you live in, there are government impersonators everywhere!

Grandparent Scams

These are usually a phone-based scam but can be text (SMS) or instant messages as well. It involved contacting a relative and saying a grandson or other family member has an emergency, such as being in jail, and they need money fast! The caller needs the grandparent, aunt, uncle, or other family member or friend to go immediately to write money or buy a gift card to solve the problem. The trick is the pressure and the emergency means the person is not available – most of the time – to talk with the victim – but sometimes the scammer will impersonate the person in the emergency.

The answer is always to call the person on a real number or call other family members to verify!

Tech Support Scam

Fraudsters make telephone calls and claim to be computer technicians associated with a well-known company or they may use internet pop-up messages to warn about non-existent computer problems. The scammers claim they have detected viruses, other malware, or hacking attempts on the victim’s computer. Don’t believe them!

They pretend to be “tech support” and ask that the victim give them remote access to his or her computer. Eventually, they diagnose a non-existent problem and ask the victim to pay large sums of money for unnecessary – or even harmful – services. Tech Support Scams operating from abroad often use local money mules (including legitimate-seeming businesses registered in the U.S.) to receive victim payments and transmit proceeds to perpetrators.

Refund scheme: After victims make payments, perpetrators often call back and offer refunds to victims, claiming their tech support services are no longer available. Perpetrators claim to send refund money to the victim’s bank account but falsely claim that too much money was refunded. Perpetrators then induce victims to send payments (often through stored-value cards such as gift cards), purportedly to reimburse the tech support company for its “over-refund.” Victims have lost hundreds or thousands of dollars to this refund scheme.

Lottery Scams

Fraudulent telemarketers based in Jamaica and other countries are calling people in many countries, telling them that they have won a sweepstakes or foreign lottery. The fraudulent telemarketers typically identify themselves as lawyers, customs officials, or lottery representatives, and tell people they have won vacations, cars, or thousands — even millions — of dollars.

“Winners” need only pay fees for shipping, insurance, customs duties, or taxes before they can claim their prizes. Victims pay hundreds or thousands of dollars and receive nothing in return, and often are revictimized until they have no money left. Lottery Scams operating from Africa, the Caribbean, or Asia often use local money mules to receive victim payments and transmit proceeds to perpetrators.

IRS/Tax Collector Impostor Scam

IRS or other Tax Agency Imposter Scams are aggressive and sophisticated phone scams targeting taxpayers in almost every country. Callers claim to be employees of the IRS or Tax Agency but are not.

They use fake names and bogus agency identification badge numbers. Victims are told they owe money to the IRS or Other Tax/Revenue Agency and it must be paid promptly through a wire transfer or store gift card. Victims who refuse to cooperate are threatened with arrest, deportation, or suspension of a business or driver’s license. These government Imposter Scams operating from abroad often use local money mules to receive victim payments and transmit proceeds to perpetrators – meaning the money is sent to someone in your own country.

Cyber Attacks Affect Businesses & Individuals

During the holidays everyone is crazy busy with shopping and sales, even businesses get lost in their sales season focus. But this is exactly the time when the most attention is needed. Individuals and businesses need to be aware of the potential types of cyberattacks they could face.

Cybercriminals are constantly looking for victims. They are using and refining new tools to break through computer security systems to launch their attacks. Anyone could be their next target. If you operate a small business with a digital presence, you should be even more concerned.

Most enterprise businesses have enough security infrastructure and cybersecurity staff in place to hinder these emerging types of cyberattacks. But unsuspecting small businesses and individuals are much more vulnerable. If you are not actively pursuing and implementing cybersecurity measures, your day of doom may be near. You don’t want to wait for the harm to be done before taking steps to keep safe.

Ecommerce Fraud Affects Resellers – But Consumers Ultimately Pay The Price

Card Testing Fraud

Card testing fraud (also known as card cracking) is a widespread tactic used to defraud eCommerce businesses. In 2017, for instance, card testing fraud jumped by more than 200 percent, accounting for 16 percent of all e-commerce transaction fraud and 7 percent for larger merchants.

Card testing fraud is when someone gains access to one or more stolen credit card numbers, through theft or by purchasing card data on the dark web. Even though they have the credit card numbers, they do not know whether the card numbers can be used to successfully complete a transaction or the limit associated with that credit card.

Fraudsters visit an ecommerce/online store website, making small test purchases, often using scripts or bots to test multiple credit card numbers quickly. These initial purchases are extremely small, as the entire purpose is to see whether the credit card can be used to complete transactions. Once they know that a credit card number works, they will begin making much more expensive purchases.

Ultimately, the initial small purchase testing tactic often goes undiscovered. Merchants and impacted customers tend to realize that they have been victims of card testing fraud when larger purchases are made. By that point, they may have been able to make several significant purchases using stolen credit card information.

Consumers should be very concerned if they see small amounts showing in their credit card statements because of this! If you see small charges call your bank immediately.

Friendly Fraud

Friendly fraud (also called chargeback fraud) is when someone purchases an item or service online and then requests a chargeback from the payment processor, claiming the transaction was invalid. The credit card companies or bank returns the transaction value to the customer, which must still be paid by the retailer.

In a chargeback fraud, an individual makes claims that appear to be believable and honest, and in some cases, that individual may be right (hence, “friendly fraud”). That said, friendly fraud can be used to receive items for free. For instance, the fraudster may purchase an item from your online store and argue that the item was never delivered, they may tell their credit card issuer that they returned the item to the merchant, but that a refund was never processed, or they can even say that they canceled the order, but it was still sent to them.

Whatever the case may be, chargeback fraud occurs when they contact their credit card issuer to dispute a charge that they actually intended to make. Use a chargeback management software tool that will reduce fraud loss and help you manage disputes. However, resellers pay careful attention to this and often report these false claims to the police and the FBI or FTC. This can result in a knock on the door of someone engaged in this at any time in the future!

Refund Fraud

Refund fraud is when someone uses a stolen credit card to make a purchase on an ecommerce website. The fraudster then contacts the business and requests a reimbursement due to an accidental overpayment. They request a refund of the excess amount but then state that the money will need to be sent via an alternative method since their credit card is closed. Ultimately, this means that the original credit card charge is not refunded and the online business is responsible to the card owner for the full amount.

With refund fraud, the online merchant is stuck in the middle. The fraudster may appear to be making a legitimate claim on the surface, but in reality, they are trying to steal money from your business.

Account Takeover Fraud

Account takeover fraud occurs when someone gains access to a user’s account on an ecommerce store or website. This can be achieved through a variety of methods, including purchasing stolen passwords, security codes, or personal information on the dark web or successfully implementing a phishing scheme against a particular customer.

Once they have gained access to a user’s account, they can engage in fraudulent activity. For instance, they can change the details of a user’s account, make purchases on online stores, can withdraw funds, and can even gain access to other accounts for this user.

Account takeover fraud is a serious form of identity theft, costing victims and your reputation as a retailer. Customers that feel that their data may be vulnerable on a website or online store are less likely to check out and will consider competitors that offer stronger security measures.

Any consumer that feels that their account has been taken over should report this to the merchant and the FTC.

Interception Fraud

Interception fraud is when fraudsters place orders through an ecommerce website where the billing address and shipping address match the information linked to a stolen credit card. Once the order is placed, their goal is to intercept the package and take the goods for themselves.

This can be done in several ways. First, they may ask a customer service representative at your company to change the address on the order before it is shipped. By doing this, they aim to receive the goods while the actual payment is made by the victim. They may also contact the shipper (whether it is FedEx, UPS, or another courier) to reroute the package to an address of their choosing. If they live close to the victim, they may even wait for the physical delivery of the package, sign for the package, and take it for themselves.

Triangulation Fraud

Triangulation fraud requires three different types of actors: the person doing the fraud, a shopper, and an online web store. The fraudster sets up a storefront (on Amazon, Shopify, or another platform) that sells high-demand goods at competitive prices.

Setting up this storefront brings in a number of legitimate customers who are looking to take advantage of an incredible bargain. Once these customers place orders on the fraudster’s website, the fraudster uses stolen credit card numbers to purchase legitimate goods from an ecommerce website, and then send those goods to the original customers. But the scammer is also using those cards to steal more money.

The online store ships real items to the fraudster after they use stolen credit card information to place these orders.

While the customers of the fraudster’s store may be receiving real goods for an unbelievable price, the victims are those whose credit cards have been stolen and the merchant who’s shipped the items purchased with stolen credit cards from their website.

Business & Individual Cyber Attacks

Phishing and Spear-Phishing Attacks

A phishing attack is where cybercriminal sends fraudulent emails with clickable links. Oftentimes, these emails appear to come from legitimate sources as a result of email address spoofing. These attacks aim to steal personal information or account credentials. These can also install malware or ransomware on a computer or device.

These network security attacks involve a combined use of social engineering techniques and technical tactics.  Fraudsters can launch these attacks through an email link or attachment. Upon opening the attachment, the user can download malware and compromise a company’s computer security. They can also, lure someone into clicking on a malicious link that takes you to an illegal website or one that will trigger a malware attack.

Spear-phishing is a special type of phishing attack. In this case, a scammer takes their time and researches their victims to get relevant information about them. They then send the target a personal email that appears to be from a known source.

One tactic that criminals employ is email spoofing to make the email appear to be from a trusted source.  This involves falsifying the “From” email section to look as if it comes from a friend or business partner. These could also use website cloning with a similar domain name. They seem legitimate and trick victims to enter their personal information and account logins.

Malware Attacks

This is an umbrella term for different types of cyberattacks that use malicious software to compromise computer & device security. These include spyware, viruses, trojans, logic bombs, worms, exploits, and ransomware.

Malicious software is any undesirable software injected into a system or device without authorization with the intent to cause harm.

Ransomware is a type of malware attack. In this type of attack, the attacker hijacks the victim’s computer, device, or network and either deletes files and information or encrypts it to ask for a ransom.

Most malware attacks are preventable with the right precautions and preventative defensive solutions.

Steps on how to prevent malware attacks:

  • Use a leading antivirus/anti-malware software (such as Malwarebytes, or others)
  • Be careful when opening emails from unknown sources – never click on links or attachments if possible
  • Avoid clicking on online ads
  • Keep all software & apps up-to-date

Password Attack

Cybercriminals use password authentication mechanisms to gain access to user’s information. Using only one password, these cybercriminals break into a victim’s data by cracking the account. The password attack can take several forms. These can include sniffing the connection of users and breaching network security. They could gain direct access to the account or through guesswork.

This type of cyberattack can be classified into three categories below:

  • Brute Force Attack
    It is used by internet fraudsters to guess an account password. They commonly do this with advanced programs which help them decipher passwords based on certain factors.  For instance, they could randomly guess passwords through simple logical reasoning specifically by combining the victim’s name, job title, age, or hobbies, etc.
  • Dictionary Attack
    The dictionary attack occurs when cybercriminals make use of a dictionary of common passwords, words, and phrases to guess a target’s password. A successful attempt compromises the victim’s accounts immediately.
  • Key Logger Attack
    With this type of cyber attack, the cybercriminals make use of programs (spyware or malware) that can capture keystrokes to get passwords and login IDs. This can affect any individual who logs into a computer or device or a web account with a password and username. The solution to this is multi-factor authentication.

Drive-by Attack

Cybercriminals frequently use drive-by attacks to spread malware. They target insecure websites that their victims visit. Once they find a potentially vulnerable website, they inject a malicious script into either the HTTP or PHP code of the website then wait for victims to visit that site. This script can directly compromise the computer network and devices of the site visitors.

It is estimated that approximately 70% of all websites are hacked or compromised. Few website publishers understand these issues and usually only have one form of security – the login and password. SCARS websites use more than 13 layers of security, as do most major published sites.

It can also re-route or hijack the traffic to a website that is used for cybercrime acts. Always be careful about which websites you trust.

You don’t need to actively download a malicious file to be a victim. This kind of tactic leverages the security flaws of an app, or a web browser too. You can usually safeguard against these types of attacks by avoiding insecure websites (without the padlock) and keeping your browsers fully up-to-date.

Man-in-the-Middle (MitM) Attack

This type of cyber attack happens when a hacker introduces himself/herself between a network connection and a server.  These cyber attackers are going to observe or manipulate traffic. In this case, the hacker can do this cybercrime by snooping on a business’s network.

They can also create and control fake networks for these network security attacks. Once they compromise the network traffic, they decrypt data to steal critical data and personal information. Moreover, they can also alter and redirect the traffic to dangerous destinations on the web.

Cybercriminals carry out these types of attacks through different means including: session hijacking, active eavesdropping, IP Spoofing, and replay.

Common solutions for man-in-the-middle attacks are encryption, tamper detection, and authentication of digital certificates (such as SSL.) Authentication proves to some extent that a specific query comes from an authentic source while tamper detection solutions reveal any alteration on the query. Sometimes, a latency test is carried out in order to detect the possible attack. This can be done by checking for inconsistencies in response times.


Botnets are a collection of systems integrated into a virtual network which the attackers have taken control of for the purpose of mass attacks on other websites, servers, or networks. Cybercriminals commonly make use of these infected systems to carry out distributed-denial-of-service (DDoS) attacks or password attacks.

This is usually done without the owner of the devices even being aware. It is frequently difficult to spot or stop DDoS attacks because the systems used in the attacks are scattered worldwide. However, there two methods of handling this type of attacks by using filtering or temporarily shutting down the website access.

Filtering can reject queries from specific IP addresses, or spoofed addresses and traces network traffic to their source.

SQL Database Injection Attack

Again, this is an attack mostly aimed at websites or web-connected database servers. An SQL injection attack happens when the hacker injects malicious code into an SQL database server. This injection attack tricks the server to divulge information it cannot usually disclose or perform a database operation under the control of the hacker. This can occur when the fraudster merely submits malicious script into a susceptible website search box on vulnerable poorly updated websites. Always look at badges or logos indicating that the website has active security monitoring done in real-time. (You will see such a monitoring logo at the bottom of this website).

A successful SQL injection attack can cause much harm to a business. The attacker could gain unauthorized access to their database – a data breach. This could hijack the system and carry out operations like editing, updating, or deleting the database. In worst-case scenarios, these attacks can execute administrative functions like shutting down the database and more.

Cross-site Scripting (XSS) Attack

This type of cyberattack makes use of the third-party website to inject malicious JavaScript codes into the target’s web browser. It can also target the victim’s apps. If the victim accesses an affected website page, the website page loads with the hacker’s injected payload attached to the HTML body. This infects the browser of the victim with a malicious script.

It can, for instance, transfer the cookie of the victim to a server that they use for cybercrime. They can extract the cookie and utilize it to launch a session of hijacking attack. XSS attacks can also be utilized for capturing screenshots, discovering and collecting network information, and gaining remote access and control over the victim’s computer network.

The solution to this is for website operators to make sure their websites are secure. Unfortunately, for users of websites there is no easy way to know, so always look for cybersecurity badges on a website. Most very large websites and web platforms, such as Facebook or Twitter are safe from this, so is this website.

Denial of Service (DoS) Attack

A DoS attack is one of the most widespread types of cyberattacks which is done by trying to overload web-connected services (such as a website) with massive volumes of traffic. This can slow or shut down a website, but also cause fragmented operation of the website’s code creating vulnerabilities.

The key motivation for this form of attack is to make either punish a website or gain entry for unlawful financial gain. It could also be performed to show technical prowess. Sometimes, they are politically motivated.

However, web publishers can take countermeasures before and during an attack.

Distributed Denial-of-Service (DDoS) Attack

This attack occurs when many compromised network devices, computers, or servers all over the world flood the bandwidth of the target wen service or website. The simple difference between a DoS attack and a DDoS attack is the scale and multiplicity of attacking systems.

Insider Attack and Data Breaches

Small businesses face different types of cyberattacks than individuals.  An insider attack is one of the most dangerous for any size business. This commonly occurs through the activities of disgruntled employees or ex-employees. The same also happens when well-meaning employees fail to implement standard security measures.

The exact wants of the cybercriminals vary wildly with these, but generally, it comes down to one of two motives: destroy data and harm the business, or steal data and harm the business. Consumers become the victims when this happens.

Cryptojacking Attacks

Cryptojacking attackers target the bandwidth of a users’ computer, server, or device and processing power to mine cryptocurrency. These cyber attackers break into authentic sites and at the same time break into their visitor’s systems.

These cyber-threats target both Bitcoin holders and holders of other altcoins.  Crypto exchanges and companies that render mining services suffer the most of these attacks. Wallet holders also have their share of crypto cyber threats including identity theft and illegal extortion.


Cyber attackers continue to refine their attack strategies to their targets. Cybersecurity companies are also working hard to find solutions to these and many other ever-evolving cyber threats. Everyone needs to stay observant and use available security tools and best practices to remain safe.

A holistic defense starts with discovering the different types of cyberattacks that are likely to target you. When you know the potential threats you can better face them and take the required steps to prevent or eliminate them.

The most obvious steps everyone needs to take are:

  1. Keep all software, apps, computers, and devices up to date! Software updates are not a convenience, they are a survival imperative!
  2. Never click on links in emails or apps or ads. Always examine the link to see if it is legitimate. If you cannot tell then just forget it.
  3. Never talk to strangers online – anyone that contacts you and starts asking for information, access, or money is most likely a scammer. Always hang up or disconnect and verify with the real contact information. If it is an individual, just block and move on.

Life online is not safe. The sooner you fully understand and accept this, the sooner you can begin to obtain the skills you need to be safer!

SCARS Publishing Self-Help Recovery Books Available At

Scam Victim Self-Help Do-It-Yourself Recovery Books

SCARS Printed Books For Every Scam Survivor From SCARS Publishing


Each is based on our SCARS Team’s 32-plus years of experience.

SCARS Website Visitors receive an Extra 10% Discount
Use Discount Code “romanacescamsnow” at Checkout

Always Report All Scams – Anywhere In The World To:

Go to to learn how

U.S. FTC at and SCARS at
Visit to learn more!