Skip to main content
The Keyword

Gmail

5 scams to watch out for this holiday season

An illustration of various gift cards with red alerts near them

From gathering to gifting, decorating to donating, holiday schedules tend to fill up fast. The last thing anyone wants to do is deal with tricksters, including spammers and scammers, who aim to steal your online account information and money.

These con artists are pesky and persistent during the best of times, but during the holiday season their behavior is even more extreme. That’s why we have a dedicated team of Googlers who work around the clock to thwart these uninvited guests. We protect Gmail users from nearly 15 billion unwanted messages a day, blocking more than 99.9% of spam, phishing and malware. But malicious actors don’t slow down during the holiday season — they accelerate. In the past two weeks alone, we blocked over 231 billion spam and phishing messages, 10% higher than the average volume.

So to help you be extra vigilant this holiday season, here is a quick guide to the types of emails and the red flags to watch out for:

1. Gift cards and giveaways.

When the shopping season is in full swing, gift card and giveaway scams are too. Scammers may attempt to trick people into purchasing a gift card for them — sometimes using the guise of a known contact — or dangle a free prize in exchange for sharing their credit card information. If you receive an email from your friend in Prague or Pennsylvania asking you to buy them a gift card, send them a quick text to confirm they really sent the request. And if a giveaway looks too good to be true, it just may be fraudulent.

A fraudulent offer from a retailer offering a free prize in exchange for joining a loyalty program

Received an offer that looks too good to be true? Think twice before clicking any links.

2. Charities.

Attackers don’t show any restraint during the season of giving. In fact, charity-related scams and phishing attempts get worse this time of year, hurting both those who fall prey to the scams and the charities that would have benefited from the giving. Whether it’s a supposed charity tied to a subject in the news, or an organization with a familiar name, be on the lookout for anyone asking you to contact them on their personal email or send money to them directly.

An email in which someone is pretending to be raising money for humanitarian needs.

3. Demographic targeting.

Some of the most pernicious scams are the most specifically targeted to you. These scams might seem more personal because they include some specific element of your life or identity. Whether it’s spoofing communications from local PTA board members or sending fraudulent emails targeted at specific age groups, keep your eyes open for identity-based malicious emails this holiday season.

An email from someone requesting a $450 reimbursement.

4. Subscription renewals.

As we approach the end of the year, subscription renewal scams can spike. A particularly unwelcome version of these emails spoof antivirus services, which lure victims with the promise of improved security. While some scammers can make their message look very convincing, always be sure to check the sender’s email. If it looks off, it may be fraudulent.

This email shows a false renewal notice for antivirus software.

5. Crypto scams.

A whole class of scams to itself, crypto-based scams can run rampant this time of year. A common variation of these scams uses a cryptocurrency wallet to collect payment and often attempts to extort funds from a victim through a threat. Gmail may warn you of these nonsensical requests, but it’s also important to know how to spot them so you can steer clear of falling victim to these types of scams. Some big red flags include typos, email addresses that seem off, or demands for payment.

A cryptocurrency scam in which the sender is demanding the recipient to deposit money into their online wallet.

While the range of malicious activities might seem dizzying, the good news is that Gmail helps block these and countless other malicious and unwanted campaigns. Digital safeguards in Gmail, including advanced phishing and malware controls, are tuned on by default, which help ensure you are protected. And while this is a dynamic, unending challenge, our tools and security experts are constantly scouring the data to spot new attack methods, and building new, sophisticated protections to help keep you safe. Learn more on our website about the protections built into Gmail, and consider following these golden rules to avoid becoming a victim of a holiday scam:

  • Slow it down. Scams are often designed to create a sense of urgency. Take time to ask questions and think it through.
  • Spot check. Do your research to double check the details you are getting. Does what they’re telling you make sense?
  • Stop! Don’t send. No reputable person or agency will ever demand payment or your personal information on the spot.