The official start of the holiday shopping is here and even though cybersecurity firms are issuing warnings to help protect online shoppers many consumers may ignore safety advice if it stops them from saving money.
A variety of scams have already been spotted, with cybercriminals creating fake store websites, launching shopping-related phishing campaigns and running call center fraud schemes. Consequently, the number of cyberattacks taking place during the 2018 holiday shopping season will likely surge, mirroring 2017 when such incidents jumped 57 percent from the previous year, according to a Carbon Black report.
Perhaps even more concerning than the effort being put forth by malicious actors is that many consumers value saving money over their cybersecurity, DomainTools found in a consumer survey.
“The survey found that 62 percent of respondents are willing to shop a brand that has been breached in the past if it’s for a Cyber Monday sale, indicating that many consumers will remain loyal to their favorite shopping sites if there is a compelling enough deal on the table. However, in the absence of deep discounts, 60 percent said they will ditch a site if they think it is vulnerable to a breach or has been caught in the crosshairs of a scam in the past,” the survey stated.
Evidently, the bad guys know this and are ready to take advantage of this weakness.
Group-IB’s research team has revealed hundreds of fake websites purporting to represent some of the most popular brands and retailers. These sites are designed to lure in shoppers who believe they are giving their payment card information to legitimate companies, although they are actually handing it to cybercriminals.
The China-based Alibaba group of online stores appears to have borne the brunt of this activity so far with more than 400 clone sites having been spotted, with another 198 name brand sites also replicated.
“To attract customers, fraudsters create fake websites that look almost identical to the legitimate ones. They copy branding, logos and fonts and even register a similar domain name to mislead the visitors. The damage to one customer can reach up to hundreds of dollars. Such fake websites are capable of luring up to 200,000 monthly visitors,” Group-IB reported.
DomainTools noted the top three U.S. retailers, Amazon, Walmart and Target, have been targeted in a similar fashion, with URLs like wal-mart.com[.]bd and amagzon[.]com springing up on the internet.
Merchants also have to be on guard, as the electronic payment firm ACI Worldwide expects credit card fraud to increase 14 percent this year. This increase isn't as severe as previous years' increases have been, due to the use of “chip” credit cards, which makes such fraud more difficult to pull off. However, the value of an individual fraud purchase is expected to increase three percent.
Another area often overlooked during the Black Friday/Cyber Monday period is the danger it presents to non-retail companies. Not only does almost every business need to worry about its workers using company computer assets to shop, but the holiday period also creates a more fractured workforce.
A study from the security firm Morphisec found the majority of people will use their work-issued device to shop at some point during the holidays, opening up the corporate network to a huge number of threats.
“Searching for gifts on lesser-known websites can open up professionals and their enterprise network[s] to adware and other Potentially Unwanted Programs (PUPs). PUPs continue to be the largest group of threats prevented by Morphisec, representing 40 percent of all attacks,” the company noted.
There are also several non-shopping related issues capable of causing a headache for IT admins. The study found 25 percent of those surveyed planned to work from home more frequently during the holidays with another 47 percent of these folks using their personal computer for work activities while they travel.
“Working from home/remotely means collaborating with coworkers and sharing documents becomes more piecemeal, which increases the likelihood employees [are] unknowingly opening weaponized documents such as PDFs, a growing tool in cyberattackers' toolboxes,” Morphisec reported.