Beware This Particularly Nasty Online Holiday Scam

Beware This Particularly Nasty Online Holiday Scam Photo (cc) by IN 30 MINUTES Guides

If your online holiday shopping has left your inbox flooded with order confirmation emails, beware: There’s a chance a bogus confirmation email is lurking there in an attempt to steal your personal information.

That’s according to Brian Krebs of Krebs on Security, who is warning consumers to be on the lookout for these phony emails hitting their inbox this holiday season. The emails ask you to confirm orders or delivery.

“Malware purveyors and spammers are blasting these missives by the millions each day in a bid to trick people into giving up control over their computers and identities,” Krebs said.

The emails look legit, appearing to come from retailers such as Home Depot, Target, Costco and Walmart, and contain a link that you are asked to click on. If you make the mistake of clicking on it, you’re in trouble. According to

You’ll be redirected to a foreign site that will automatically download a .ZIP file filled with malware designed to hack your computer and steal things like your credit card numbers, your banking information, and your sensitive personal data. Sometimes this malware will be disguised as an attachment that the email text will implore you to open.

Krebs said the subject lines of the bogus order confirmation emails vary, but include “Acknowledgment of Order,” “Order Confirmation,” “Order Status,” and “Thank you for your order.”

If you receive an order confirmation email that you think is legitimate, don’t click on any links embedded in the email or attached to it. Krebs recommends opening your Web browser and visiting the retailer’s site.

“Generally speaking, legitimate communications about order issues will reference an order number and/or some other data points specific to the transaction, information that can be used to look up the order status at the merchant’s website,” Krebs said.

Have any phony order confirmation emails shown up in your inbox? Share your thoughts below or on our Facebook page.

Now, watch this video as MoneyTalks founder Stacy Johnson demonstrates another holiday scam: fake charities. Instead of the Salvation Army, he’s actually collecting for “Sal’s Vacation Army.”

Popular Articles

18 Things Your Grandchildren Will Never Understand
18 Things Your Grandchildren Will Never Understand

How many of these once-familiar toys, tools and implements of a bygone era do you still have at your house?

11 Free Ways to Research Your Family History
11 Free Ways to Research Your Family History

Forget subscription-based genealogy sites. Use these free databases, instead. They are a treasure trove for family history researchers.

8 Things You Should Never Put in the Microwave
8 Things You Should Never Put in the Microwave

A microwave oven can be a busy cook’s best friend. But trying to heat these things inside a microwave can cause disaster.

View this page without ads

Help us produce more money-saving articles and videos by subscribing to a membership.

Get Started