Don’t give too much away this Christmas!

24 November 2020

For most of us, Christmas is a time of merriment. For cyber criminals however, it’s also the season for exploitation.

Did you know that Australians lost over $14 million through scams last December? Common Christmas scams include fake email gift certificates, e-cards and parcel delivery notifications which request either confirmation of delivery addresses or payment to collect or hold a parcel. In these scams, criminals use email, mobile apps, social networking and online forums to siphon money from victims. Don’t be a scam statistic this silly season. Give presents, not data this Christmas.

Be careful with the information you share online and follow these tips to protect your data:

  • Websites: naughty or nice? – be extremely cautious when dealing with unfamiliar retail websites, particularly if they’re advertising products and services at extremely low prices. These may be scam websites set up to steal your money or identity details.
  • Check it twice – if you receive an e-card or electronic gift card, check the legitimacy with the gift giver prior to opening it. Be especially wary of .zip or .exe attachments or links.
  • Don’t overshare on social media – you don’t want thieves to know your house is empty or to know exactly where you are. Be very careful about sharing too much of your travels on social media. Instead, post about them once you’re home.
  • Be careful with apps – there are an array of fun and festive apps to download, however be mindful of the information the app requests access to, as well as the potential for malware. Only use apps from reputable sources. Check out reviews from users or other trusted sources before downloading anything that is unfamiliar.
  • Don’t dash through online checkouts - if you’re doing your shopping online, be cautious of how you pay and consider the security controls on the merchant's website. Some online retailers require you to enter your credit card details directly into their website. In this case, it is hard to know if your details are being stored securely. Check to see if the merchant is using a secure external payment gateway, or if possible pay via PayPal (which is generally more secure as it means the merchant never gets access to your credit card details).
  • Be frosty when sites ask for your personal information – when making a purchase online or entering a competition, be alert to the kinds of information you are asked to provide. Ask yourself if it is necessary for the vendor to have that information to complete the transaction; only provide the minimum information required.
  • Don’t let stress get the best of you – people are more likely to fall victim to a scam when they are stressed or overwhelmed, as they don’t have the presence of mind or time to properly check validity.

If you come across a scam, you can report it to; this helps raise awareness of the scam so others do not fall victim. Cybercrime can also be reported at

Learn more about cyber security and data and information at UQ.