E-commerce attacks targeted directly at shoppers have increased by 15% compared to last year – whilst Amazon has released an additional week of deals in the lead up to the big day, widening the threat landscape.
Black Friday has become the biggest annual consumer event, with 95% of consumers now aware of the day. But where shoppers used to head in-store for Black Friday, and then online for Cyber Monday – which also debuted in 2005 – the decline of the high street has forced more shoppers online.
Figures from Black Friday Global revealed that last year only 12% of shoppers made their Black Friday purchases solely in-store. The resulting increase in retailer-specific apps and earlier access to deals from the direct comfort of consumer homes has encouraged shoppers to favour shopping entirely online, with 56% preferring online purchases over in-store purchases and 55% of people now using smartphones to make purchases during the Black Friday weekend.
This increase in online shopping, combined with the heightened – and lengthened – shopping period means a heightened time for cyberattacks.
A new report from Kaspersky has highlighted the increased danger to consumers during these annual shopping days, where the likelihood of financial phishing attacks increases by 24% compared to the average value throughout the year. In the hope that consumers become less vigilant during the hunt for a good deal, hackers ramp up their activity, with almost a hundred consumer e-commerce sites and mobile applications becoming the target of malicious activity.
According to Kaspersky experts, in the first three quarters of 2019, fifteen families of financial malware targeted users of popular brands. This year, in addition to the already-known banking families such as Zeus, Betabot and Cridex Gozi, Kaspersky has also identified two new mobile bankers, Anubis and Gustuff.
The hackers target e-commerce brands to hunt for user credentials like logins, passwords, card numbers, phone numbers and more. They seize the data from victims by intercepting input data on target sites, modifying the online page content, and/or redirecting visitors to phishing pages – showing a need for shoppers to be extra vigilant, and for retailers to help keep their customers safe.
“As Black Friday and Cyber Money draws near, shoppers must be on red alert,” says David Emm, Principal Security Researcher, Kaspersky. “This is effectively hunting season for cybercriminals, who are on the prowl to steal personal details, card numbers or bank account credentials from unknowing victims.”
Emm continues: “With financial fraud at an all-time high, people need to be reassured that their data and personal information is safe, or they will be less inclined to shop online. This is where businesses also have a part to play, stepping back and re-evaluating their IT security strategy to ensure there is a full lifecycle security plan in place, entailing: education for employees, the best defences to protect against attacks, and the most reliable tools for zero-day detection. There are also simple steps that consumers can follow to prevent Black Friday becoming the most dangerous time of the year online.”
If you are an online brand or trader
- Before getting carried away with Black Friday bargains, Kaspersky recommends the following steps to stay safe – or keep customers safe – when shopping online…
- Use a reputable payment service and keep your online trading and payment platform software up to date. Every new update may contain critical patches to make the system less vulnerable to cybercriminals.
- Use a tailored IT and cybersecurity solution to protect your business and customers.
- Pay attention to the personal information used by customers who buy from you. Use a fraud prevention solution that you can adjust to your company profile and the profile of your customers.