Stay alert during holiday season Phishing sites lure shoppers with enticing deals
BENGALURU: Since holidays are here, cybercriminals are also putting in overtime and threat actors are poised to take advantage of consumers hoping to shop for yearly discounts. The next time when you open your inbox, be cautious as threat actors can deliver convincing phishing emails directly to consumer inbox, aided by AI tools including generative AI platforms. They might promise discounts or offer exclusive access to items or something similar.
In case if you click and they have harvested user data, they can leverage it for more damaging attacks, including ransomware.
Check Point Research has released insights into the cyber threats associated with the holiday shopping season, and it says nearly all new holiday shopping websites observed in the lead-up to Black Friday (November 29) were classified as unsafe. These phishing sites lure shoppers with enticing deals, only to harvest payment details and login credentials. The malicious websites, Check Point Research has observed signal a troubling trend. It says that the websites not only impersonate well-known global brands but also target smaller, boutique brands that may be less recognisable.
What is common among many of these fraudulent sites? They all exhibit similar design elements and formatting, suggesting the possibility of a coordinated operation behind these deceptive practices, it says. The US remains the most targeted region for ransomware, with incidents increasing by 24% compared to last year.
US retailers account for 45% of global ransomware attacks in the retail sector despite comprising less than 30% of the global retail market. Cybercriminals exploit stolen data to fuel a wide range of scams, from draining personal bank accounts to extorting businesses. The economic fallout can be devastating, with potential fines, operational disruptions, and reputational damage for businesses.
Check Point Research has already identified a major increase in malicious websites related to the start of the shopping season. The holidays are an exciting time for threat actors, too, as the bonanza of deal-seeking and volume of transactions creates an ideal environment for scammers hoping to fly under the radar.
Check URLs closely for misspellings or unusual host domains. Make sure the URL starts with “https://” and shows a padlock icon, certifying a secure connection. When emails come in, reference the sender against emails you know to be real. Don’t click anything you are not sure about and don’t blindly click through on QR codes. Never input unnecessary details like your personal information or financial details, and avoid inputting extra information like your birthday where it’s not required, says Check Point.
Cyber criminals rely on carelessness as much as on technical vulnerabilities, and by paying careful attention to a few simple security steps online, consumers can keep the door shut on cybercriminals, and enjoy the holidays.