Beware of the '12 Scams of Christmas'

Nov. 20, 2009— -- On the first day of Christmas, my true love gave to me ... a virus in my PC?

As consumers get ready to hit the Internet in droves to buy holiday gifts, exchange greeting cards and search for Christmas carol lyrics and ringtones, security researchers have a few words of caution.

Cybercriminals save their best schemes for the holidays, they say, dressing online scams to steal personal information and money in festive, seasonal wrapping.

"Everyone is going to the Web to do holiday shopping. ... That presents the bad guys with a better way of delivering threats to you," said David Marcus, director of security research and communications for McAfee Labs, which on Thursday warned consumers about the "Twelve Scams of Christmas."

According to Consumer Reports, in the past two years, cybercriminals have stolen $8 billion from Internet users. And, Marcus said, they pull out all the stops around popular holidays.

"The bad guys read the same news you do and will use the news and event of the day against you," he said.

Cybercriminals are a creative bunch, tricking even the most cautious users into disclosing sensitive information. But pay attention to the following 12 scams and, hopefully, they won't deceive you.

1. Charity Phishing Scams Prey on Your Generosity

'Tis the season for giving, right? Yes, but you should still be careful to whom you give.

Hackers are ready and waiting to take advantage of your generosity with e-mails and Web sites that appear to be from legitimate charitable organizations, McAfee warned. They may look real, but the Web sites are actually designed to steal donations, credit card information and donor identities.

If you get a suspicious e-mail directing you to a company or charity's Web site, do not click on the link. Instead, go directly to the Web site by typing the address or using a search engine.