Beware This Particularly Nasty Online Holiday Scam

What's Hot

23 Upgrades Under $50 to Make Your House Look AwesomeAround The House

Trump Worth $10 Billion Less Than If He’d Simply Invested in Index FundsBusiness

Do This or Your iPhone Bill May SkyrocketSave

19 Moves That Will Help You Retire Early and in StyleFamily

11 Places in the World Where You Can Afford to Retire in StyleMore

What You Need to Know for 2017 Obamacare EnrollmentFamily

The 35 Two-Year Colleges That Produce the Highest EarnersCollege

5 DIY Ways to Make Your Car Smell GreatCars

8 Things Rich People Buy That Make Them Look DumbAround The House

50 Ways to Make a Fast $50 (or Lots More)Grow

32 of the Highest-Paid American SpeakersMake

Amazon Prime No Longer Pledges Free 2-Day Shipping on All ItemsMore

5 Reasons a Roth IRA Should Be Part of Your Retirement PlanGrow

More Caffeine Means Less Dementia for WomenFamily

7 Household Hacks That Save You CashAround The House

30 Awesome Things to Do in RetirementCollege

Beware These 10 Retail Sales Tricks That Get You to Spend MoreMore

Be wary of emails requesting that you confirm an online order or package shipment. They could be a scam.

If your online holiday shopping has left your inbox flooded with order confirmation emails, beware: There’s a chance a bogus confirmation email is lurking there in an attempt to steal your personal information.

That’s according to Brian Krebs of Krebs on Security, who is warning consumers to be on the lookout for these phony emails hitting their inbox this holiday season. The emails ask you to confirm orders or delivery.

“Malware purveyors and spammers are blasting these missives by the millions each day in a bid to trick people into giving up control over their computers and identities,” Krebs said.

The emails look legit, appearing to come from retailers such as Home Depot, Target, Costco and Walmart, and contain a link that you are asked to click on. If you make the mistake of clicking on it, you’re in trouble. According to

You’ll be redirected to a foreign site that will automatically download a .ZIP file filled with malware designed to hack your computer and steal things like your credit card numbers, your banking information, and your sensitive personal data. Sometimes this malware will be disguised as an attachment that the email text will implore you to open.

Krebs said the subject lines of the bogus order confirmation emails vary, but include “Acknowledgment of Order,” “Order Confirmation,” “Order Status,” and “Thank you for your order.”

If you receive an order confirmation email that you think is legitimate, don’t click on any links embedded in the email or attached to it. Krebs recommends opening your Web browser and visiting the retailer’s site.

“Generally speaking, legitimate communications about order issues will reference an order number and/or some other data points specific to the transaction, information that can be used to look up the order status at the merchant’s website,” Krebs said.

Have any phony order confirmation emails shown up in your inbox? Share your thoughts below or on our Facebook page.

Now, watch this video as MoneyTalks founder Stacy Johnson demonstrates another holiday scam: fake charities. Instead of the Salvation Army, he’s actually collecting for “Sal’s Vacation Army.”

Stacy Johnson

It's not the usual blah, blah, blah

I know... every site you visit wants you to subscribe to their newsletter. But our news and advice is actually worth reading! For 25 years, I've been making people richer without making their eyes glaze over. You'll be glad you did. I guarantee it!


Read Next: How Often Should You Change Your Passwords?

Check Out Our Hottest Deals!

We're always adding new deals and coupons that'll save you big bucks. See the deals to the right and hundreds more in our Deals section.

Click here to explore 1,741 more deals!