Kaspersky reports nearly 25% surge in retail-focused cyberthreats ahead of Black Friday
Date
11/25/2024 8:03:01 AM
(MENAFN- Bashir Mraish Consultancy) In 2024, cybercriminals launched over 38 million phishing attacks, impersonating major marketplaces, banks, and tech retailers. Stolen payment card data is actively traded on dark web forums, with prices ranging from $70 to $315 per set.
Kaspersky closely monitors the evolving landscape of shopping-related cyber threats. As shoppers prepare for major sales events like Black Friday in search of the best deals, the company’s researchers observe cybercriminals and fraudsters gearing up to exploit this demand, attempting to steal personal data, funds, and spread malware through deceptive shopping lures.
Between January and November 2024, Kaspersky solutions blocked 38,473,274 phishing attacks related to online shopping, payment systems, and banking institutions. Of these, 44% involved using banking services as bait — representing an increase of almost a quarter compared to the 30,803,840 million phishing attempts recorded during the same period last year.
Scammers frequently impersonate major retailers like Amazon, Walmart, and Etsy, sending deceptive emails claiming to offer exclusive discounts. These emails link to fake websites designed to mimic legitimate ones, often with subtle errors like misspellings or slightly altered domain names. Victims attempting to shop on these sites typically lose money.
Another widespread scam exploits consumers' desire to win prizes. Fraudsters send messages promoting limited-time surveys with prize draws, offering valuable rewards like a free iPhone 16. To create urgency, they claim only a few “chosen” users can access the deal, pressuring recipients to act quickly. Scammers offer a “reward” for sharing some “basic info," such as an email address, and spending some money on a fake site.
Kaspersky experts have traced the pathways of fraudulent activity, revealing that stolen data is either exploited directly by scammers or sold on dark web marketplaces. The value of the data determines its price. For instance, comprehensive sets of stolen credit card details, known as "fullz," typically include the card number, expiration date, CVV code, cardholder’s name, billing address, and phone number.
An example of a dark web ad selling user shopping data. Retrieved with Kaspersky Digital Footprint Intelligence
"This year, dark web markets mirror the pricing strategies and marketing tactics of legitimate online retailers. Some even offer Black Friday-style promotions, such as discounts and bundled deals, similar to seasonal sales found on mainstream websites," comments Marc Rivero, lead security researcher at Kaspersky's Global Research and Analysis Team.
Within this campaign, a seller was offering a 10% discount on stolen credit card details from countries like Canada, Australia, Italy, and Spain – with pricing between $70 and $315 for a card depending on the card's quality and the region it was from.
Black Friday sales on the dark web. Retrieved with Kaspersky Digital Footprint Intelligence
To enjoy the best that Black Friday has to offer this year, be sure to follow a few safety recommendations:
Do not trust any links or attachments received by mail; double-check the sender before opening anything.
Double-check e-shop websites before filling out any information: is the URL correct? Are there any spelling errors or design bugs?
Protect all the devices you use for online shopping with a reliable security solution. Kaspersky Premiumis protecting its’ users from various range of shopping scams.
Set up payment notifications and regularly check financial statements. Contact your bank or credit card company if you have any concerns about operations.
Set up automatic payment notifications and regularly review your financial statements. If you notice any unusual activity on your account, contact your bank or credit card company.
To learn more about shopping threat landscape in 2024, visit Securelist.com.
MENAFN25112024004771015760ID1108922488
Legal Disclaimer:
MENAFN provides the information “as is” without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the provider above.