Beware of Christmas Scams Flooding Inboxes This Holiday Season

Scammers are busy targeting millions of inboxes worldwide with festive-themed emails aimed at stealing personal information, money and compromising devices under the guise of the holiday season.

Scams ranging from fake lotteries and retailer discounts to phishing campaigns impersonating financial institutions are flooding inboxes globally.

Bitdefender Antispam Lab has been tracking these fraudulent campaigns to ensure your safety during Christmas.

Note: All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.

Let’s dive into our key findings:

• 2 in 5 unsolicited Christmas-themed emails received by consumers between Nov. 13 and Dec. 12, 2024, were flagged as scams, according to Bitdefender Antispam Lab. This represents a 33% increase from last year’s report.
• Bitdefender Antispam Lab began tracking winter holiday-themed spam as early as September 2024. However, a notable surge was observed starting Dec. 1, aligning with peak holiday shopping and increased email activity.
• These malicious emails are carefully crafted to exploit the holiday spirit, preying on users' eagerness for deals, discounts, and festive offers.
• According to data collected between Nov. 13 and Dec. 12, 2024, the top origin of Christmas-themed spam was IP addresses in the US (36%), the UK (13%), France (12%), China (9%), and Germany (7%).

• The top regions targeted by these holiday scams are the US (35%), Ireland (19%), the UK (12%), Germany (11%), and France (8%).

Common Christmas-Themed Scams

Many of these emails mimic legitimate holiday correspondence. However, they are not associated with businesses or financial institutions in any way. Scammers and cybercriminals impersonate well-known companies to deceive and steal sensitive data and money from consumers, damaging both the company's reputation and the trust of its customers.

Here are some examples of the 2024 Christmas email scam trends:

• Phony holiday discounts: Scammers promise incredible savings on popular products but direct users to fraudulent websites designed to steal financial details.
• Fake charity appeals: Emails requesting donations for “Christmas causes” often lead to scammers’ pockets rather than helping those in need.
• Lottery and prize scams: Scammers send emails claiming users have won large sums of money or expensive vehicles. Victims are asked to provide sensitive personal information to “claim their prize.”

Link to lottery scams

• Weight-loss offers: Fraudulent weight-loss schemes, like the Magicoa email promising unrealistic results (“15 kg in 30 days”), take advantage of users’ post-holiday resolutions.

Phishing Campaigns Targeting Financial Institutions

Alongside Christmas-themed scams, Bitdefender Antispam Lab has also detected numerous phishing campaigns impersonating financial institutions. These emails are aligned with online behaviors amid the busiest shopping season of the year, aiming to steal login credentials and other sensitive information by mimicking legitimate alerts such as:

• Account suspension notices: Emails that claim your bank account has been restricted due to suspicious activity.
• Disputed transactions: Fake messages from brands like Chase, Truist, and Capital One inform users of supposed unauthorized transactions, urging them to “verify” their accounts.
• Document notifications: Scammers impersonate financial institutions, claiming new documents are available for review.

These phishing campaigns often include:

1. Urgent language: Pressure to act quickly, such as resolving issues within 48 hours.
2. Malicious links: Redirecting users to fake login pages where credentials are harvested.
3. Spoofed email domains: Emails appear to come from legitimate financial institutions, increasing their credibility.

The Amazon Login Notification Scam

Among the malicious emails analyzed, one recurring theme was an Amazon-branded login notification scam. These emails serve as a vector for Cryxos trojans, which trick users with an alarming notification message stating that:

• Their computer or web browser has been "blocked" due to a virus infection.
• Personal details are "being stolen."

The scam instructs users to call a phone number for "assistance" in removing the infection. This is a classic example of a “call support” scam.

If a user contacts the fraudulent support number, they are pressured into paying for unnecessary services. Worse, scammers often request remote access to the user’s device under the pretense of helping. This access can lead to:

• Device hijacking
• Theft of personal information
• Installation of additional malware

Other Christmas Scams

The following examples illustrate the variety and complexity of scams seen this year:

1. BMW and Rolls Royce Lottery Scams: Victims receive emails claiming they’ve won a luxury car or large cash prize, often requiring sensitive personal details like full name, address, and phone number.
2. Facebook Meta Lottery Scam: Users are told they’ve won $550,000 as part of a holiday giveaway, with scammers requesting their personal information to “process the claim.”
3. Fake Retailer Discounts: Brands like JCPenney, Costco, and CVS are spoofed, offering “exclusive holiday deals” that trick recipients into clicking malicious links.
4. Fake Loyalty Points Expiration: Emails claiming loyalty points (e.g., Bradesco’s 43,549 points) are about to expire push users to “redeem” their rewards through fraudulent portals.
5. Donation Scams: Scammers impersonating lottery winners, such Gareth & Catherine Bull, claim they’re donating money to “lucky” individuals.
6. Electricity-saving scams: A new trend includes fake promotions for electricity-saving devices, allegedly linked to Elon Musk or Tesla. These scams claim unrealistic savings, such as 90% off monthly electric bills, and promise special "Christmas discounts" for devices like the fraudulent ESAVER gadget. These emails feature:

·         Urgent calls to action, such as "Claim Your Exclusive Christmas Discount!"

·         Misleading claims about energy savings being "banned" by power companies.

·         Fake testimonials and exaggerated imagery to entice users.

These energy-saving scams direct users to fraudulent sites where credit card information is harvested, or fake products are sold.

These scams exploit Holiday emotions—generosity, urgency, and excitement—to manipulate users into falling for their tricks.

How to Stay Safe This Holiday Season

To protect yourself and your loved ones from falling for holiday-themed scams, follow these tips:

1. Scrutinize unsolicited emails: Avoid clicking links or downloading attachments from unfamiliar sources, especially those offering deals that seem too good to be true.
2. Verify charity requests: Research charities independently before donating. Use trusted platforms to make contributions.
3. Double-check delivery notifications: Instead of clicking links in emails, head to the carrier’s official website to track packages.
4. Ignore scare tactics: Messages claiming your device is infected should be treated with suspicion. Refrain from calling any phone numbers listed in such messages.
5. Validate lottery claims: Legitimate lotteries do not contact winners via unsolicited emails or request personal details.
6. Use cybersecurity solutions: A robust antivirus program with antispam capabilities, like Bitdefender’s suite of solutions, can help identify and block phishing emails and malicious attachments.
7. Use Bitdefender Link Checker: A free tool that verifies URLs to help you avoid malware, phishing attempts, and counterfeit websites.
8. Use Bitdefender Scamio, our FREE scam-busting chatbot that helps you detect and avoid scams across multiple online platforms.

By staying vigilant, verifying suspicious claims, and relying on trusted cybersecurity tools, you can ensure your festivities remain joyous and scam-free.

Don’t forget to stay tuned on our blog, as Bitdefender Antispam Lab will continue to monitor and report on emerging threats to keep you informed and protected.

Many thanks to our dedicated antispam fighter Viorel Zavoiu for helping us put together this report!

Stay safe, and have a Happy Holiday Season!