Sophos Tips: Ensure a Scam-Free Celebration in the Year of the Snake!

As the joyous celebrations of Chinese New Year approach, a dark cloud threatens to overshadow the festivities – a surge in scams targeting unsuspecting individuals and businesses in Malaysia. The festive season will not only witness increased online activity but the spirit of generosity, making it a prime target for scammers to exploit the unwary. According to the National Scam Response Centre Malaysia, Malaysians lost a staggering RM1.34 billion to online scams in 2023. Despite warnings to the public, the police fear that these cases only continue to increase especially during the season.

As we slither into the Year of the Snake, we must remain vigilant against the rise of sophisticated scams. Scammers are employing a variety of tactics, including fake e-red packets for phishing, pig-butchering schemes that exploit trust, impersonations of charities, online shopping scams with counterfeit discounts, and fraudulent delivery notifications. While these scams may not be entirely new, they still pose significant risks.

To ensure a safe and sound celebration, Sophos has compiled common scams and quick tips to protect you away from scams in the new year:

1. Fake E-Red Packet (Ang Pao) Scam: During Chinese New Year, scammers exploit the tradition of giving red packets, especially with the rising popularity of digital red packets. Cybercriminals often send phishing messages with fake e-red packet links disguised as offers, leading to malware infections or stolen personal data. Use secure payment platforms and reputable banking institutions for sending e-Ang Pao, and always hover over links to verify the URL before clicking. Additionally, contact a credible digital payment platform to verify any suspicious transactions.
2. Online Shopping Scam: Scams on online marketplaces are more prevalent than ever, especially during festive periods. Fraudsters cleverly exploit people’s enthusiasm for festive foods and auspicious items by promoting counterfeit deals through phishing emails, deceptive websites, and even social media messages. They often reel in customers with exaggerated discounts and irresistible buy-one-get-one-free offers for a limited time only, adding a sense of urgency to entice victims to fall for seemingly incredible prices.

   Stay vigilant and double-check before making any purchases that appear too good to be true. Always visit credible websites when purchasing goods, check URLs to ensure they start with ‘https’ with an accompanying lock icon in the address bar. This indicates strong TLS/SSL encryption and that your payment information is protected. While most online shops are secure, it’s always wise to double-check.

3. Fake Delivery Notification/ Messages: As the festive season approaches, be cautious of the increasing threat of fake delivery notifications linked to phishing tracking URLs. Stay alert and carefully verify every email and message you receive. These communications could be clever phishing attempts, aiming to trick you into clicking on harmful links that could compromise your personal data. Using official delivery service apps or websites to track parcels instead of clicking links in emails or texts also helps to protect you from succumbing to the trap.
4. Pig-Butchering Scam: Auspicious greetings and Chinese New Year blessings are commonplace, which can make them more vulnerable to pig-butchering scams. These scams use personalised messages on social media to build trust with victims before convincing them to invest in fraudulent cryptocurrency schemes. An investigation by Sophos reveals that organised crime groups have swindled nearly $3 million through deceptive decentralized finance (DeFi) apps. Protect yourself from unsolicited direct messages and always sign with two-factor authentication on social media accounts. Stay vigilant to avoid accepting friend requests from unknown individuals.

Cybercriminals frequently exploit cultural traditions to deceive unsuspecting individuals, particularly during significant celebrations like the Chinese New Year to deceive unsuspecting individuals. By increasing your awareness of these tactics, you can better protect yourself and your loved ones, allowing us all to enjoy the festivities with peace of mind.