Insights from the experts at Signature Bank

The holiday season is filled with celebrations and time to unwind with family and friends. But it also offers more ways to shop, give and travel, creating opportunities for scammers to steal personal and financial information. Fraud isn’t just growing — it’s getting smarter.

In 2024, the Federal Trade Commission (FTC) reported record-breaking losses — $12.5 billion — with imposter scams among the costliest fraud types. As criminals use increasingly advanced tools, it’s more important than ever to stay vigilant. The following tips can help you protect yourself, your devices and your accounts throughout the busy season.

Common holiday scams to watch this season

Phishing, smishing and imposter messages
Scammers send emails (phishing) or texts (smishing) that appear to be shipping alerts, purchase confirmations or bank notifications. Many now use artificial intelligence (AI) to mimic real brands, making links and language look more convincing.

Tips to stay safe: Never click any links in messages you did not expect to receive. Go directly to the company’s website instead.

Fake online stores and social media seller scams
Fraudsters create storefronts with professional photos and steep discounts. But they have no intention of delivering products. Others pose as sellers on social platforms and request payment outside secure channels.

Tips to stay safe: Carefully check website URLs, review the return policy and research the company before entering payment information.

Package-delivery scams
Fake USPS, UPS and FedEx notifications are especially common during the holidays. These messages often include urgent language and tracking links. If you receive a package you didn’t order, it may also indicate that someone is testing stolen personal information.

Tips to stay safe: Avoid clicking links in package-delivery emails. Visit the carrier’s official site and enter your tracking information manually. If you receive a package you didn’t order, check your accounts for unfamiliar charges and update passwords on sites where you shop.

Gift card scams
Scammers pressure consumers to pay with gift cards because the funds are hard to trace and difficult to recover. Criminals also sometimes tamper with gift card packaging, recording the card and PIN information before the card is purchased.

Tips to stay safe: Inspect packaging closely and keep receipts until the card is used. Be cautious of emails, phone calls or texts demanding payment via gift cards. 

Charity fraud
The holidays bring an increase in both charitable giving and fraudulent fundraising requests. Scammers often create fake websites or impersonate real organizations to solicit donations.

Tips to stay safe: Confirm the charity’s name, website and registration before donating. Avoid urgent requests or pressure to give.

Travel scams and cybersecurity risks
Holiday travel often leads to fraudulent rental listings, fake confirmation emails and malicious Wi-Fi hotspots, which can put both your plans and your personal information at risk.

Tips to stay safe: Be cautious about deals advertised through pop-ups or on unfamiliar travel sites. When you’re on the go, keep devices secure, avoid public charging stations and turn off auto-connect settings to prevent criminals from accessing your device.

How to protect yourself this holiday season

Update and secure your devices
Keeping your operating system, apps and antivirus software up to date is one of the easiest ways to protect your information. Updates fix security flaws and help block malware. Consider turning on automatic updates. Lock your device when not in use and set a strong passcode.

Use strong authentication
Usernames and passwords alone aren’t enough to secure your accounts, such as email, banking and shopping apps. Enable multifactor authentication to add an extra layer of protection and reduce the risk of account takeover.

Shop and browse safely
Avoid making purchases or entering passwords on public Wi-Fi. Use trusted websites and type in URLs directly when possible. Stick with secure payment methods such as credit cards, which offer stronger fraud protections and don’t draw directly from your bank account. Monitor your accounts regularly and enable transaction alerts so you’re notified of unusual activity.

Avoid risky charging and connections
Never plug your phone into public USB charging stations at airports or hotels. Criminals can install malware through those ports. Use your own charging adapter connected to a wall outlet, and turn off auto-connect for Wi-Fi, Bluetooth and near-field communication to prevent unwanted connections.

Declutter your digital life
Delete apps you no longer use and keep the ones you do use up to date. Review permissions for location, camera and microphone to ensure each app has only the access it needs. Purge old files you no longer need and review privacy settings on accounts you use to shop or socialize.

Secure your home network
Use strong encryption and update your router’s firmware to protect devices connected to your home Wi-Fi. A secure home network helps block cyberattacks and protect sensitive information.

How Signature Bank helps safeguard your accounts

Signature Bank uses layered security, account monitoring and fraud-prevention tools to help protect your financial information. If you notice unusual activity or receive a suspicious message that appears to come from us, please contact us immediately at 773-467-5600. Quick action can help prevent losses and keep your accounts secure.

What to do if you think you’ve been targeted

If you believe you’ve been a victim or interacted with a fraudster, follow these steps:

• Stop communicating immediately
• Change passwords
• Enable multifactor authentication
• Run an antivirus scan
• Report the incident to the FTC at ReportFraud.ftc.gov
• Call us immediately at 773-467-5600 so we can help monitor and protect your accounts

A little preparation can make a big difference. By staying alert, updating your devices and using safe online practices, you can protect your information and enjoy a more secure holiday season.

Business owners face additional fraud and cybersecurity risks during the holiday season.

Holiday cyber risks that target businesses

The end of the year brings increased invoice processing, payment activity and charitable giving, which can attract scammers seeking access to business funds or systems. Nearly 8 in 10 organizations were targeted by payment fraud last year, and only 22% of those affected recovered most of their losses. Below are some of the most common risks companies face during the holidays, along with steps to help reduce them.

Business email compromise
Fraudsters impersonate executives or vendors and request urgent wire transfers or changes to payment instructions.

Vendor and invoice scams
Criminals send fake invoices or claim a vendor’s bank account has changed. Always verify changes through a known phone number.

Seasonal hiring and payroll fraud
Fake applicants submit attachments that contain malware or request redirection of paychecks.

How to strengthen your defenses

• Train employees on phishing scams and secure internet use
• Use role-based access controls to restrict access to sensitive data
• Turn on multifactor authentication across systems
• Require dual control for outbound payments, requiring two authorized users to approve transactions before funds are sent
• Maintain secure Wi-Fi networks
• Implement automated backups and data recovery plans