Black price tag with the words "Black Friday Scam" on it

Black Friday Phishing – Scam Alert

A wonderful time of the year is approaching, a time where common courtesy, polite manners and all other pretence of civility are momentarily dropped in order to find one thing, a great deal.

As shopping events go, Black Friday and Cyber Monday combine into one of the world’s largest buying frenzies, second only to China’s Singles’ Day.

But as we bound toward this beautiful and terrible day, hunting for great prices, we urge you all to keep a vigilant watch for online scams.

As is unfortunately to be expected, the weeks surrounding Black Friday see the highest increase in phishing emails sent each day. In fact, during this period, daily phishing emails increase 24% over the average for the year, and let’s not take the word “average” too lightly here, 3.4 billion phishing emails a day is the average.

Online shoppers are the largest targets for these increased phishing attacks, and in comparison to last year we are already seeing a 15% increase in e-commerce attacks targeting shoppers.

No longer is Black Friday just a day, its 24/7, and scammers are cashing in on this extra exposure. With the largest online retailers offering extended shopping periods, such as Amazon’s Black Friday week (22nd – 29th November) and the ability to shop directly via store-specific apps, the increase in shoppers’ threat surface is dramatic.

As Black Friday and Cyber Monday draws near, shoppers must be on red alert. This is effectively hunting season for cybercriminals, who are on the prowl to steal personal details, card numbers or bank account credentials from unknowing victims.

With financial fraud at an all-time high, people need to be reassured that their data and personal information is safe, or they will be less inclined to shop online. This is where businesses also have a part to play, stepping back and re-evaluating their IT security strategy to ensure there is a full lifecycle security plan in place, entailing: education for employees, the best defences to protect against attacks, and the most reliable tools for zero-day detection. There are also simple steps that consumers can follow to prevent Black Friday becoming the most dangerous time of the year online.

David Emm – Principal Security Researcher, Kaspersky

During this period of heightened cyber crime, we encourage all users to adopt a security-first mindset, this can be broken into a few basic tips:

  • Treat all emails about sales and great deals with extreme caution, if it looks too good to be true, it probably is.
  • Pay close attention to where an email is redirecting you, hover the mouse over any links to see where it leads, if it isn’t the official URL of the retailer, don’t click it.
  • Enable Two-Factor Authentication (2FA) everywhere you can, paying extra attention to banking and payment methods (such as PayPal 2FA, Verified by Visa, MasterCard Secure Code, etc…)

The need for effective Security Awareness Training is immense in order to reduce the number of shoppers, business or otherwise, being fooled by phishers.

At Phishing Tackle, we work hard to educate and test our customers, helping to bring their risk awareness up and thus raise cyber-security within their business.

There really is no substitute for security-savvy staff, with the onslaught of well-crafted phishing emails fast approaching, why not find out how many of your staff are at risk from phishing attempts? Try our Free Click-Prone® Test, it might just save your organisation.

Recent posts