Black Friday 2019: government reminds shoppers to stay aware of scams

by Gabriel E. Hall - - 2019-11-22

Black Friday and Cyber Monday security risks should bring more attention to holiday season cybercrime awareness

Scammers use various scam techniques during the Black Friday Cyber-attack activity goes higher during Black Friday sales: the government advises to stay vigilant.

It is claimed that online shoppers are more likely to become victims of cyber-attacks because e-commerce attacks have increased at least 15 percent when in comparison with last year.^[1] Many sites and retail platforms have released days or even weeks of deals until the big Friday on November 29th, which extremely adds up to all the security risks. Throughout the years, Black Friday become the day that online scams and cyberattacks get more active due to retail-specific applications and consumers who use their smartphones to make purchases.

Since the shopping day is lengthened, it means that malicious actors have more time to attack. During this time, financial phishing attacks increases by at least 24 percent when compared to the average week throughout the year, according to some researchers. Scammers hope that people will become less aware of the potential dangers while hunting for deals, sales, and best discounts, so various institutions and cybersecurity experts note the risk of becoming a hacker target.

The Cybersecurity and Infrastructure Security Agency issued a statement^[2] about the current activity of malware, encouraging people to remain vigilant during the deal hunting season:

As this holiday season approaches, the Cybersecurity and Infrastructure Security Agency (CISA) encourages users to be aware of potential holiday scams and malicious cyber campaigns, particularly when browsing or shopping online.

Common malware targetting e-commerce brands

According to cybersecurity firm Kaspersky, 15 families of financial malware targeted users of popular brands during the first three quarters of this year. However, in addition to Zeus,^[3] Gozi or other cyber threat families, a few new mobile banker malware strains got discovered. Anubis and Gustuff got used in campaigns targetting huge applications based on banking and cryptocurrency, as well as shopping services.^[4]

Bad actors hunt for valuable credentials like logins, passwords, credit card numbers, phone numbers while consumers hunt for the best deals. Such information can be obtained by corrupting data input services of targeted sites,^[5] modifying particular online page content to add the script or redirect the visitor to a phishing page. Customers should be more cautious during this season.

However, people still continue to shop online despite the risks and issues even after many reports, yearly analysis, and statements from institutions and researchers:

With financial fraud at an all-time high, people need to be reassured that their data and personal information is safe, or they will be less inclined to shop online. This is where businesses also have a part to play, stepping back and re-evaluating their IT security strategy to ensure there is a full lifecycle security plan in place, entailing: education for employees, the best defences to protect against attacks, and the most reliable tools for zero-day detection.

What makes Black Friday a security risk?

In 2018, more than 165 million people shopped over the weekend, and on Friday alone, $6.2 billion was made in online sales. Black Friday 2019 is predicted to hit at least $7.5 billion worth of purchases. It is pretty much obvious why such weeks of continuous sales are the target for cybercriminals. Malware creators are, pretty much all, money motivated, and profit made on Black Friday makes hackers more eager to use the opportunity to their advantage.

Criminals during this time try to target as many people as they can, so multiple vectors can easily become used for malicious activities:

emails about shipping details deliver links or attachments with malicious scripts;
social engineering campaigns target your logins and credentials;^[2]
cloned sites collect submitted information and lead to malicious pages.

The Cybersecurity and Infrastructure Security Agency stated that there are many possible ways malicious actors get to target victims. Spoofed emails requesting support for fraudulent charities, links where you need to submit personal details, and URLs with malicious scripts are the most dangerous due to the type of data malicious actors try to obtain.

You should at least try to avoid suspicious links, emails, downloading questionable attachments, and stay cautious when you decide to shop online. Make sure to verify the authenticity of a company, foundation, or charity that asks for donations or personal details. Check all emails that come with “shipping details” and similar subject lines.

About the author

Gabriel E. Hall - Passionate web researcher

Gabriel E. Hall is a passionate malware researcher who has been working for 2-spyware for almost a decade.

Contact Gabriel E. Hall
About the company Esolutions

References

^ Nikki Baird. Every result you need to know from Black Friday, Cyber Monday and the Holiday 2018 season so far. Forbes. Global media company.
^ Dave Wallen. Social Engineering: The Insider Threat to Cybersecurity. Securityboulevard. Security news.
^ Jake Doevan. Zeus virus is a banking Trojan which can be included in the tech support scam. 2spyware. Spyware related news and virus removal guides.
^ Catalin Cimpanu. Gustuff Android banking trojan targets 125+ banking, IM, and cryptocurrency apps. ZDNet. Technology and cybersecurity news.
^ Zack Whittaker. Meet the Magecart hackers, a persistent credit card skimmer group of groups you've never heard of. Techcrunch. Startup and technology news.