The holidays are upon us, but it’s not all gift giving, tree trimming and eggnog drinking. This is also the time of year when scammers come out in force. While OpenDNS is the single best way to protect yourself and your loves ones from phishing and forgeries, education is key. To complement our great phishing quiz my colleague Erin posted about here, we’ve compiled a list of the most common, and tricky, holiday phishing scams. Brush up, take note and avoid getting duped.

Scam: Air Travel Deals

With so many travelers still scrambling to buy last-minute air tickets, it’s important to be extremely careful when clicking through to an airline’s website from a promotional email. Phishing websites like this one spoofing American Airlines are not legitimate. The URL for this one, www.aa-advantager.com, is the giveaway — even though it’s close to the real domain (www.aa.com).

Scam: Holiday Shopping

If you’re like me, you’re doing most of your holiday shopping online this year. So it’s no surprise that scammers are spoofing websites like eBay (one of the most spoofed brands in phishing scams all year long) and trying to trick shoppers into entering their login credentials. When doing shopping online, the safest way to get to your destination site is to type its URL directly into your address bar.

Scam: Money Transfers

For better or worse, lots of people skip the gift buying altogether and just give cash. That’s why we’re including money transfer-themed phishes on our list. We can’t stress enough: any time you deal in currency online, be extra careful. The safest way to get to a website is to type its URL straight into your address bar.

Scam: Connect with Loved Ones

No doubt Skype usage increases during the holidays when the revolutionary service is used to see the smiling faces of family members abroad. But we all need to take great caution when phishes this sophisticated exist. Note that while the URL (http://skype.host.org/account/signin_form.php) is very convincing, it’s not the real Skype domain.

Today we unveil DNSCrypt, a new security tool we’ve developed that has been on our minds for a long time. It has a simple but important function: encrypt all DNS traffic between you and OpenDNS. Nothing else like it exists, and we have very high expectations for the positive impact it can have on the Internet security and privacy of millions of people around the world.

DNS is a critical part of the Internet’s infrastructure, and though a good deal of attention has been paid to improving its security in recent years with DNSSEC, an important part has been overlooked. It’s what’s often referred to as the “last mile,” or the connection between you and your ISP or your DNS provider, if you use a DNS service like OpenDNS. It’s in this “last mile” that bad things are most likely to happen — snooping, tampering, or even hijacking traffic. Anyone who knows what they’re doing can eavesdrop on your Internet activity and see exactly which domains you are resolving, and in many cases, what websites you’re visiting.

It happens all the time on insecure networks at coffee shops, and even residences. Some ISPs have even been accused of spying on their customers’ activity. What’s worse, the “last mile” is ripe for man-in-the-middle attacks, where an intermediary injects themselves into your traffic path masquerading as your intended destination, but all the while, being able to see and modify your traffic. This leaves little confidence for the Internet user.

DNSCrypt changes this and has the potential to completely revolutionize Internet security. DNS has, unfortunately, always had some inherent weaknesses because it’s transported in plain text. DNSSEC has never attempted to address that (crazy, I know). Encrypting all DNS traffic means a fundamental change to the security of the system on the whole and a strong improvement. It’s not the only solution, and there’s still an important place for verification and validation of domains like DNSSEC provides, but it’s a very strong first step.

We’ve been sharing DNSCrypt with security experts over the past several weeks and the feedback has been phenomenal. A tool like DNSCrypt is critically necessary to ensure the security of DNS going forward. DNSCrypt is a “technology preview” today, and the code is being open-sourced. For the über-nerds, our implementation is the first (known) implementation of the forwarder ideas expressed in the DNSCurve community, which many will recall, we were one of the first to implement.

Download DNSCrypt today and try it for yourself.