Follow ZDNET: Add us as a preferred source on Google.
ZDNET’s key takeaways
- Scams target online shopping, donations, and other holiday activities.
- Scammers now use AI and cryptocurrency to commit fraud.
- Protect yourself by validating transactions and securing your accounts.
Cyber scams are a problem any time of the year. But the holiday season often brings out the worst of them. That’s because savvy cybercriminals know how to exploit such popular holiday activities as online shopping, travel, shipping, charitable giving, and digital payments.
Also: Beware the ‘Hi, how are you?’ text. It’s a scam – here’s how it works
Scammers are also increasingly tapping into AI, cryptocurrency, and other advanced techniques to commit fraud. Using AI, for example, criminals are able to more easily and effectively impersonate trusted individuals and companies. These types of scams then become not only more convincing but more difficult to detect.
In a new advisory called “Cyber-Safe Holidays: Recognizing and Avoiding Seasonal Scams,” the US Department of the Treasury highlights the three most common holiday cyber scams and offers advice on how to combat them.
1. Business impersonation
The first type of scam highlighted by the Treasury Department is business impersonation. This was the most common category of online fraud reported to the Federal Trade Commission’s Consumer Sentinel Network in 2024. Here, scammers devise an email or website that spoofs a trusted company or brand. The goal is to trick unsuspecting victims into divulging their account credentials or payment information.
Also: Don’t be fooled by this massive YouTube scam network – how to protect yourself
Scammers often use social media to create ads that direct people to their fraudulent websites. For 2025, some 39% of consumers said that they were victims of fraud after buying something through a social media ad, according to AARP. That percentage was up from 35% in 2024.
With a holiday angle in mind, scammers will promote products at exceptionally low prices, hoping to catch consumers looking for bargains. But once the purchase goes through, the products are never delivered. In 2024, the FBI’s Internet Crime Complaint Center received tens of thousands of complaints about nondelivery and nonpayment scams, resulting in consumer losses of more than $785 million.
2. Charitable giving
Another popular scam that increases during the holidays involves charitable giving. With people in the mood to donate money, cybercriminals set up fake charities with fraudulent websites backed by email and telemarketing campaigns. In 2024, Americans gave $592.5 billion to charitable organizations, according to the Giving USA Foundation. Though that generosity is to be admired, the giving spirit makes this area ripe for exploitation.
3. Gift card draining
The third most common cyber scam focuses on gift card draining. In this one, scammers steal card numbers from store racks and then drain the balance right after the card is activated. With 70% of consumers looking to purchase gift cards for 2025 in total, this is another area vulnerable to fraud.
Scammers are using AI and cryptocurrency
Cybercriminals are also taking advantage of AI and cryptocurrency to create scams that appear more legitimate, can easily be expanded, and are hard to trace.
Also: Phishing training doesn’t stop your employees from clicking scam links – here’s why
As one tactic increasingly being reported to federal agencies, AI-based voice cloning lets a scammer impersonate the voice of a friend or family member to ask for money in an alleged emergency. In another type of scheme, scammers devise AI-generated emails, ads, customer service chats, and deepfake videos to design phony but convincing charities, online storefronts, and promotions.
To help you protect yourself from these and other holiday-themed scams, the Treasury Department offers the following five tips:
Validate charities
Donating to a charity is a noble goal. But you want to make sure your money isn’t winding up in the hands of a scammer. Investigate a charity before giving away your cash. For that, you can turn to independent reviews, official websites, and charity registries such as Charity Navigator and Charity Watch.
Verify a transaction
Before responding to unexpected messages about orders, deliveries, account issues, or money requests, always contact the organization or person separately. Never use links or phone numbers listed in unexpected or suspicious messages.
Use safe payment methods
Pay for items using a credit card or another method that lets you challenge or dispute fraudulent purchases.
Beef up your account security
Set up the necessary security options to protect your accounts, especially financial ones. This means using strong and complex passwords, enabling multifactor authentication, turning on transaction alerts, and monitoring your transactions, particularly during the holidays.
Report fraud ASAP
If you are the victim of a cyber scam, quickly report it to your financial provider, to the FTC, and to the IC3. Include any screenshots, communications, and other details to help authorities investigate the crime and possibly recover your stolen money.
Also: Scam texts net over $1 billion for cyber gangs – how to avoid their traps
“Holiday-themed cyber fraud is not merely a seasonal nuisance — it represents an annual surge layered on top of already unprecedented levels of fraud in the United States,” the US Treasury Department said in its advisory. “As criminals adopt AI, expand crypto-enabled schemes, and exploit the spike in holiday transactions, heightened public awareness and basic protective steps remain our strongest defense.”