Holiday Scams: Stay Vigilant!

Seras IT provides premier security and protection for your information, network, and computers, but we are always at the mercy of our customers’ actions when they’re faced with malicious correspondence. It’s the Holiday Season and as much as you’d like to think everyone is joyous and generous time of year, it is often when scammers ramp up their efforts to steal your valuable information and even your money! Online shopping activities increase along with spikes in scammer activity - creating a scenario that cost Americans $6.9 billion in 2021 with highest numbers around the holidays. From social media to professional emails, here are some tips to stay protected…


Computer and Online: Typical Methods

Email: West Columbia Anydesk

One of our customers in West Columbia received an email from Paypal the other day that described a Norton Antivirus charge for $636.48 that was being charged to their Paypal account. It also stated that the charge seemed fraudulent and provided a contact number for Paypal customer support. The email sender address seemed accurate (service@paypal.com), the logo was legitimate, and the general message was similar to messages related to fraudulent charges from the bank.

When our customer called the number in the email, the sophistication of this fraudulent organization was incredible. A friendly woman answered the phone with, “Thank you for calling Paypal fraud department, how may I help you?” During a very convincing and brief conversation, she managed to get our customer to download anydesk, a remote access program, and give her team access to his computer. They locked him out and managed to empty a bank account of about $5,000 before he shut down his device.

Online Selling: Rock Hill Facebook Marketplace

One of our customers in the Rock Hill, SC area recently posted an item for sale on Facebook Marketplace. She received a very friendly message from a buyer that asked her to open a Zelle account to receive his payment. The buyer then sent her a fake notice that he had paid and she needed to upgrade to Zelle for business in order to receive his payment. When she questioned this, he sent her a fake screenshot of the message and claimed he received it too, but he was willing to pay for her upgrade and she could reimburse him. She sent the reimbursement to him, but actually never received any payments from him.

In this case, there wasn’t much we could do besides discussing the process with her and providing some methods for qualifying buyers within Facebook:

  • Verify that the buyer has more than 20 or so Facebook friends

  • Look for consistent, long-term posts and activity

  • Verify that the user did not recently create their Facebook profile

  • Look for buying reviews and send some qualifying questions to test their ability to communicate as many are often foreign and do not speak fluent english

  • Offer to make or receive payment using some other method than the one they are requesting


Social Media: Fake Stores and Stolen $$ in Rock Hill

Several folks in our Rock Hill service area have called about spending money in fake stores online and asking if we can help recover their money. Unfortunately, all we can really do is refer them to the FBI for assistance.

While scrolling through their favorite social media platform, an advertisement for a product that was too good to be true popped up, so they decided to buy several for friends and family. When they clicked on the add, they were re-directed to a very-real looking online store that was actually a fake. The sellers took their credit card information and charged them for products that they never had any intention of selling or sending to them!

Random Texts: Fake Delivery Fees in Columbia

Online sellers have learned how to provide a seamless, convenient, and informative experience for their customers. Many are sending automated updates related to shipping and delivery times via text message, which provides significant peace of mind to buyers.

Scammers send a text message that looks like it’s from a popular seller and asks for a small additional delivery fee to be paid. Customers click a link in the text that directs them to a legitimate-looking shipping page where they enter payment information that is then stolen and used elsewhere by the scammers.

Evolving Methods: They’ll likely Never Stop!

Unfortunately, these criminals will continue trying to steal your critical information and money and continue to create new, creative methods for doing so. Here are more schemes to look out for this Christmas:

  • Fake Charity - sending requests for donations to a charity that doesn’t exist

  • Password Expiration Notices - send a link to reset a soon-to-expire password, but in reality they are saving your username and password for their own personal use

  • Impersonating Popular Brands - calling, texting, or emailing requests related to “a recent purchase” in an attempt to get you to provide personal information or credentials

What can I do to Protect My Information?

While antivirus services, firewalls, and email filters are great tools that we deploy at all of our customers’ networks from Columbia to Rock Hill, they are all superseded by the user taking action out of our control. Our message to customers is to remain vigilant:

  • If ANYTHING at all seems suspicious, even if it’s just “my boss doesn’t normally write in that style”, don’t open any attachments or click any links

  • Ensure that Multifactor Authentication is enabled for all applicable software accounts and platforms

  • Always check the email sender’s address, not the name of the person, to make sure it’s a legitimate or branded email address

  • Get an automated notification added to your email server to notify employees if an email was generated from outside your organization

  • Perform staff training at regular intervals to ensure staff members are aware of latest trends

  • Work with a competent, established IT service provider that includes staff training and education as part of their management services

What if there was a Breach?

If you had an experience with a scammer that may have created a breach of information, the first step is to change any relevant passwords. In some scenarios, canceling a credit card or locking down a specific bank account may be necessary.

The best thing to do is contact your IT service provider and discuss the transaction or process that took place so that the proper scans, changes, and settings can be applied to your systems.

How Can Seras IT Help?

The Seras IT team loves staff training and does it’s best to stay on top of the latest trends and threats to our customers. Our help starts with staff training and quarterly newsletters and grows from there to the relevant branches of your network so that we can do everything possible to protect your critical data and systems. Click, call, or yell at us for more information!



We’re now serving the Rock Hill, SC market! Learn more here: www.serasIT.com/Rock-Hill