22 Nov 2018

Shoppers wait for Black Friday and Cyber Monday deals and there are thieves creating malicious apps to steal from these anxious buyers besides targeting online retailers with malware.

Black Friday and Cyber Monday comes soon after Thanksgiving Day which are the two most popular days for shopping online and almost all the retailers provide big offers, discounts and deals to maximize the holiday season.

Last year, Cyber Monday was the largest online sales day with online shoppers spending $6.59 billion while Black Friday brought in more than $5 billion sales.

This is a good opportunity for the hackers for a fast payday from unsuspecting shoppers either by attacking retailers or tricking people directly.

National Cybersecurity Alliance’s executive director, Russ Schrader stated that Black Friday and Cyber Monday are great days for getting deals while shopping online, at the same time it is also the best chance for hackers to get more active.

Hackers know very well how much money they could steal from the online shoppers searching for low prices. DNS security company DomainTools conducted a survey of consumers in which 62 percent of respondents said they are willing to by even from a brand that’s been breached if the deals are pretty attractive.This is indeed good news for websites like NewEgg and stores like Target and Adidas, which have suffered breaches.

When the buyers are ready to take risks to get discounts, then the hackers are also ready to take advantage of this. Researchers at RiskIQ, a security company discovered hundreds of fake apps and websites pretending to offer deals while stealing information instead.

Researchers searched for “Black Friday” and “Cyber Monday in app stores, and found that 237 of 4,324 results and 44 out of 959 were malicious respectively. For the top 10 retailers of Black Friday in 2017 the researchers found 6,615 malicious apps pretending to offer deals.

Hackers are increasing their attacks on popular retailers. Researchers from Kaspersky Lab found that from July to September, hackers attacked online stores 9.2 million times when compared to 11.2 million attempts the whole of 2017.

Kaspersky Lab was tracking 14 types of malware aimed at 67 different websites, ranging from electronics and video games to clothes and toys. Hackers were trying to insert banking malware that would steal your credit card information for them to use. This malware was being used commonly earlier by now the hackers are mainly targeting online shoppers.

The consumers and retailers must be very much cautious about their security and must always check and double check the integrity of websites before entering or downloading any data. It is very difficult to know at an early stage even if a site is compromised.

Magecart comprising of multiple hacker groups, has been targeting thousands of websites and stealing financial information from unsuspecting customers. They have attacked British Airways, Ticketmaster UK and NewEgg in the last five months. Since these were official websites, customers wouldn’t be able to tell something was wrong until their information was already stolen.

Let us take a look at some of the steps you can still take

  • When you are trying to shop online, especially looking for Black Friday and Cyber Monday deals it is recommended to watch out for scams and fake websites.
  • The NCSA advises to avoid deals received through email, and directly go to the store’s website. Fake deals normally have typos and suspicious email addresses.
  • Download apps only from Google and Apple’s official stores, and be always doubtful of apps that ask for more information than a shopping app would normally require.  Be cautious if an app asks for access to contacts or passwords.

Technical Writer,  Blogger,

Leave your thought

This site uses Akismet to reduce spam. Learn how your comment data is processed.