Kaspersky Lab’s Report Reveals Surge in Black Friday Shopping Threats
As the e-commerce market continues to grow, so does the allure of online shopping. However, the rising tide of Black Friday deals has also attracted a wave of cybercriminal activity, warns Kaspersky in its latest report. This analysis highlights how scammers are evolving their tactics to exploit consumers and businesses alike during peak shopping seasons.
Kaspersky’s findings reveal an alarming spike in cybercrime tied to Black Friday sales. From January to October 2024, the company identified over 38 million phishing attacks targeting users of online stores, payment systems, and banks. Nearly half (44.41%) of these attacks were directed at banking service users.
In the first two weeks of November alone, Kaspersky detected 198,000 spam messages themed around Black Friday. Phishing campaigns often impersonate major brands like Amazon, Walmart, and eBay, luring victims with fake discounts of up to 70%.
Interestingly, the report reveals that scammers on the dark web mirror legitimate online retailers by offering “Black Friday discounts” on stolen data bundles. These packages, often referred to as “fullz,” include sensitive information like credit card details, billing addresses, and even answers to security questions. According to Kaspersky, this competitive pricing reflects the dark web’s “demand and supply dynamics.”
Cybercriminals have increasingly turned to distributing fake mobile shopping apps designed to steal personal data, including payment credentials. These apps mimic official retailer platforms and promise lucrative deals to trick users into entering sensitive information. In 2024, Kaspersky blocked over 8,000 attacks tied to such apps.
Another emerging tactic involves phishing campaigns targeting region-specific shopping cultures, such as Singles’ Day in the Asia-Pacific region. These campaigns often deploy fake retailer websites weeks in advance to capitalize on local consumer habits.
The report notes that sellers are also at risk. A notable example includes a fake Etsy verification scam, where fraudsters impersonate the platform to extract sensitive financial information from sellers.
Image: Kaspersky
Kaspersky urges consumers to exercise caution during Black Friday and other high-traffic shopping periods:
- Verify Links and Emails: Be wary of deals that seem too good to be true. Always check URLs for discrepancies and avoid clicking on suspicious links.
- Use Secure Payment Methods: Opt for credit cards or trusted payment gateways with fraud protection.
- Enable Two-Factor Authentication: Strengthen account security to prevent unauthorized access.
- Install Reliable Security Software: Use tools that block phishing pages and protect financial data
While Black Friday offers an exciting opportunity for shoppers, it also serves as a lucrative playground for cybercriminals. By staying vigilant and adopting proactive security measures, consumers can enjoy their holiday shopping safely. As Kaspersky concludes, “Scammers capitalize on the urgency and high traffic surrounding Black Friday sales, with phishing campaigns harder to spot among streams of other limited time offers.”
