December means gifts, well-earned time off… and unfortunately, a surge in online fraud. This time of year, cybercriminals step up their game, targeting users who are rushed, distracted, or working outside their usual routine. Whether you’re an IT manager, HR director, or small business owner, this guide will help you raise awareness within your team before the holidays begin.
Here are six common traps to watch out for—and how to stay safe during the festive season.
1. The fake delivery notice
A classic scam. You get an email claiming a package couldn’t be delivered, with a link to “reschedule delivery.” But clicking that link can download malware or lead to a phishing site.
How to react: Never click on unexpected links. Check the sender’s address and go directly to the official carrier’s website.
2. The online store that’s too good to be true
80% off a luxury watch? A console at half price? Even during year-end sales, these are often fake shops or fraudulent sellers targeting users on social media.
How to react: Look for reviews, verify the URL (is the padlock icon there?), and be wary of typos or poor branding. When in doubt, back out.
3. Tampered gift cards
Some scammers target physical gift cards in stores. They copy codes and wait for the card to be activated—then drain the balance before the buyer can use it.
How to react: Buy gift cards directly at the counter or through official websites. Always check that the scratch-off code is still hidden.
4. The “too good to miss” promo email
Fake newsletters impersonating big brands are filled with phishing links. They rely on your holiday shopping excitement to rush your judgment.
How to react: Don’t trust logos alone. Hover over links before clicking, and always double-check the sender’s email address.
5. Mall Wi-Fi traps
That open Wi-Fi network named after a popular store? It could be a cybercriminal’s setup. Connecting to it could expose sensitive data on your phone—emails, credentials, even banking info.
How to react: Don’t take chances. Use your cellular LTE, ask a trusted friend for a hotspot, or wait until you’re on a secure and verified Wi-Fi network.
6. The urgent message from a colleague (that’s not real)
“Can you wire me some funds?” or “I need your password to finalize an order.” These requests seem legit—but are often social engineering attempts using spoofed identities.
How to react: Always confirm through a second channel (call, text, Teams). No urgency should ever bypass your security reflexes.
December demands vigilance
Cybercriminals know that December is ripe for distraction. A simple habit: share this guide with your team, go over it in your last meeting of the year, and make sure everyone knows how to spot a scam.
If some of these traps sound familiar, Mon Technicien’s experts can help. We support many Quebec SMEs in strengthening their IT security—even during the holidays.
in your taskbar.