FBI warns email users as holiday scams surge

FBI warns email users as holiday scams surge. Learn the top tricks draining bank accounts and the steps that help keep you safe this season.

  Science/Technology   Dec 5, 2025   0   0  Add to Reading List

Holiday shopping creates a perfect storm for cybercriminals. The FBI says scammers target Gmail, Outlook and nearly every other inbox this time of year as they push fake messages that trick you into giving up money or sensitive information. These schemes move fast, and victims often do not realize what happened until their bank accounts show charges they never made.

 

 

 

A girl shopping for the holidays on her phone

 

Why the FBI is raising the alarm

The FBI’s Internet Crime Complaint Center notes that Americans lose more than $785 million to non-payment and non-delivery scams during the holiday cycle and the months that follow. Credit card fraud pushed losses higher by another $199 million. Complaints usually surge in the early months of the year, which the IC3 ties to holiday activity that happens in November and December.

The agency highlights four major schemes that spike during the season. They include

  • non-delivery scams where you pay for items that never arrive
  • non-payment scams where sellers get nothing after shipping items
  • auction fraud where the product is not what the listing claimed
  • and gift card fraud where criminals push victims to pay with prepaid cards.

The FBI says one click on a suspicious link can install malware. That malware can capture your name, password and bank account number. Criminals use that information to break into accounts faster than most people expect.

A woman shopping on her laptop for holiday gifts

 

A growing problem with account takeover scams

The agency is also tracking a sharp rise in Account Takeover attacks. Since January 2025, the IC3 has received more than 5,100 complaints tied to these scams with reported losses of over $262 million.

These attacks start with social engineering. Criminals impersonate bank workers, customer service staff or fraud teams. They send fake emails, texts, or calls that claim your account has a problem. Victims then face pressure to share login credentials, multi-factor authentication codes or one-time passcodes.

Criminals also create phishing sites that look like real banking or payroll portals. Some even buy search ads so the fake sites appear at the top of the results. Once a victim enters their information, scammers log in, lock out the real owner and move money. Many transfers go through cryptocurrency wallets to hide the trail.

A woman is shopping on her laptop for holiday gifts

 

How to stay safe from holiday email scams

You can lower your risk with a few simple habits.

 

1) Be cautious with links and attachments

Avoid opening links or files in emails, websites or social media posts you did not expect. Also, use strong antivirus software to catch malware if you accidentally click on something unsafe.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

 

2) Look up companies on your own

If a message asks you to update your password or account information, find the company’s phone number yourself and call to verify it.

 

3) Watch for pressure tactics

Scammers create a sense of urgency. Slow down and confirm what you are being told.

 

4) Limit what scammers can find about you online

Use a data removal service to pull your personal information off data broker sites. These services scan dozens of brokers that publish your phone number, home address, email and even shopping habits. When less of your data is exposed, scammers have fewer details to use when crafting convincing phishing emails or impersonating trusted companies. This makes it harder for criminals to target you with personalized attacks during the holiday shopping rush.

 

Is your personal information exposed online?

Run a free scan to see if your personal info is compromised. Results arrive by email in about an hour.

 

5) Limit what scammers can find about you online

Use a data removal service to pull your information off data broker sites. This reduces the personal details criminals use to craft convincing phishing messages.

 

6) Check the website address before signing in

Look for odd spellings or domains that seem out of place. Banks never send sign-in links that redirect through unfamiliar sites.

 

7) Protect your accounts

Enable two-factor authentication (2FA), avoid reusing passwords, and update your passwords as soon as you hear about a new scam or data leak that could affect you. Consider using a password manager, which securely stores and generates complex passwords, reducing the risk of password reuse.

Next, see if your email has been exposed in past breaches. Our #1 pick, NordPass, includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

 

8) Use email aliases to protect your main inbox

Create alias email addresses for shopping and sign-ups. These aliases forward messages to your primary inbox and help reduce spam. They also limit how much of your real information scammers can access if a retailer or website faces a breach.

 

9) Act fast if money is stolen

The FBI says victims should contact their financial institution as soon as they notice fraud. Request a recall or reversal and ask for a Hold Harmless Letter or Letter of Indemnity. Then reset every credential connected to the exposed password, including any account that uses the same login.

 

10) Report scams right away

The FBI urges victims to report fraudulent activity to the Internet Crime Complaint Center (IC3). Quick reporting helps investigators track new scam patterns and may improve recovery chances.

 

 

Related Links: 

 

 

Kurt’s Key takeaways

Cybercriminals count on distraction during the holiday rush. Staying alert helps keep your inbox, money and personal information safer. Awareness is your strongest tool, and even small steps make a big difference when scams grow more advanced every year.

What scams have you seen hit your inbox this season, and how did you handle them? Let us know in the comments below. 

FOR MORE OF MY TECH TIPS & SECURITY ALERTS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER HERE

 

 

Copyright 2025 CyberGuy.com.  All rights reserved.  CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.

Read Original   

What's Your Reaction?

like

dislike

love

funny

angry

sad

wow