The Cyber Grinch is out there preying on unsuspecting holiday season online shoppers wanting to snap up a bargain.

The Cyber Grinch is a euphemism for organised crime and those low life’s love seasonal shopping periods to ramp up scams and steal money.

Christmas/Boxing Day sales are reason enough to stay away from the shopper hoards and their screaming kids. That is why more and more people are now choosing to shop online.

Cyber Grinch

Unfortunately, this also makes Christmas a peak period for cyber grinch attacks, with online scammers preying on unsuspecting shoppers to steal personal data, financial details, and general Christmas cheer. This year saw nearly $3 million lost to online shopping scams in Australia, while online fraud attempts increase by 22% in the holiday period.

To help prevent you from being conned by the Cyber Grinch, ESET’s Senior Research Fellow, Nick FitzGerald shares a few tips on how to shop safely online this silly season.

What cyber-scamming looks like:

Suspiciously good offers

“If you see a deal that’s too good to be true, then be careful – it probably is,”

Scammers frequently trick online shoppers with massive discounts and amazing deals to:

  • Capture your private data and financial details while selling products that either don’t arrive or turn out to be cheap knock-offs of the real thing.
  • Steal your money for a product you will never receive.
  • Make a profit by adding a high shipping cost without you noticing.
  • Sell a product that is different from what you ordered, have you return it at
  • your own expense and keep your initial payment.

Demands for upfront payment

Shoppers should be wary of out-of-the-blue emails or social media messages

Especially those declaring they have received a prize, gift or package that needs to be delivered – but requires payment of an administrative or postage fee before it can be sent out. Never pay upfront fees for unexpected gifts or prizes.

Check the payment method

A big red flag that an online store is fraudulent is the method of payment.

Scammers will often ask you to pay for an item with a pre-loaded money or gift card, a wire transfer, or money order. Avoid these payment methods as much as possible.

Cyber Grinch

How to stay safe from the Cyber Grinch (while still shopping):

Shop with reputable online stores you know and trust

Some scammers set up websites or pages that look authentic, but are just convincing fakes designed to fool you. Be sure to do some careful research by reading online reviews and recommendations in independent community forums. If you’re buying expensive products, be especially careful – thoroughly check the store’s business credentials before paying.

Choose smart payment protection options

Some online payment methods are more secure than others. Fitzgerald recommends using credit cards where possible. Credit cards are a safe option for online shopping because your bank will likely be monitoring for any suspicious activity or unexpected transactions, and can alert you to or even defend you from cyber-incidents. And, if your financial details or money do get stolen, you can ask your bank to protect your account and reverse the charge.

You can also use a secure third-party payment method such as PayPal, that offers a buyer protection feature that will help you recover some of your money in the event of a scam.

Embrace two-step authentication

When setting up an account with an online store, Fitzgerald recommends protecting your data with two-step verification whenever you have the choice. This will mean that in addition to the usual password log-in, the store will also send a text or email to you with a one-time code to further verify your identity.

Check the online store is secure

Look for trustworthy web addresses starting with ‘https’, or those displaying the padlock icon. These mean that any communication between you and the site is encrypted, so that any personal data you send will be protected from anyone trying to intercept it.

Keep an eye on your transactions

Regularly check your bank and credit card history and statements to confirm no compromises for your finance. If your bank offers real-time update options, choose to “opt-in” to mobile messages or email notifications on your transactions. If anything in your statements seems suspicious, call your bank straight away – it’s better to be safe than sorry.

Install effective security software to help stop the cyber grinch

“Old software is more vulnerable to online hackers so ensure your devices and apps are updated to prevent any cyber-attacks”.