Wednesday, December 25, 2024

Bad-Actors have already started working on Black Friday and Cyber Monday

The fraudulent actions related to Black Friday and Cyber Monday have been examined over the past few weeks by researchers at the Bitdefender Antispam Lab.

The percentage of unauthorised Black Friday emails peaked on November 9 at 26% of all messages pertaining to Black Friday, according to specialists who observed that rate between October 26 and November 6.

According to the experts, the majority of Black Friday spam (by volume) (56% of all spam received during the same time period) was classified as a fraud.

By volume, over one in four (27%) of all Black Friday spam emails targeted internet users in the US and Ireland (24%). Germany (16%) and the US (49%) accounted for the majority of the spam related to Black Friday.

The malicious messages used various subjects in an attempt to trick the recipients into visiting the bogus websites to receive huge discounts.

Below are some of the subject lines observed by Bitdefender:

  • black friday sale louis vuitton bags up to 86 off shop online now
  • black friday ray ban oakley costa sunglasses up to 90 off shop online now
  • cyber monday starts now but only for you
  • 25 nov 2022 is black Friday
  • Claim Your $500 Home Depot Gift Card Now!
  • claim your 100 walmart reward just in time for black Friday
  • profitezvite de nosoffresspéciale (aimed at German shoppers)
  • richiedi un prestito per te 200 di buoni  in regalo (aimed at Italian shoppers)
  • black friday sale 70 rabatt auf sofort (aimed at German shoppers)

The paper includes information on some of the Black Friday frauds that were examined by the specialists, including the fake sales of Louis Vuitton and Ray-Ban sunglasses. The con artists advertised substantial discounts that could be acquired by making purchases from fictitious stores.

Recommended:  Experts developed a method to bypass multiple companies' web application firewalls (WAF)

Other advertisements that the experts noticed encouraged consumers to redeem gift cards from well-known merchants like Home Depot.

In this instance, links to phoney online survey pages that have nothing to do with the retailer’s gift card are included in the spam messages.

Once the recipients have completed the survey (even if they provide the wrong answers to all questions), they were directed to another page where we could choose the ‘prize.’ Then the recipients have to pay for the shipment by providing personal and financial data.

“We scored an iPhone 13, though. The displayed page uses the recipients’ IP address to display a localized version of the scam – in our case Romania.  We need to pay 15 RON (roughly 3.06 USD) for shipping and enter our name and address.” continues the report. “After entering our shipping details, we were prompted to enter our payment information, including cc number and CVV code.”

Additionally, researchers discovered fake 1,000 euro Amazon and PayPal vouchers being used in campaigns targeted at German users. The goal of these campaigns is to get people to confirm their email addresses and enter personally identifiable information. After that, the attackers sent dangerous links to the users’ provided email addresses.

The following are the suggestions made by Bitdefender:

Below are the recommendations provided by Bitdefender:

  • Always check the sender’s email address and look for typos
  • Never interact with unsolicited giveaway correspondence
  • Shop on legitimate websites you already know
  • Researcher any new vendor
  • Never access links or attachments you receive from unknown sources – Use a Bitdefender security solution to fend off scam and phishing links
  • Add an extra layer of security and privacy to your device when shopping this Black Friday with Bitdefender Premium Security.  With anti-phishing and advanced threat protection to block nasty internet threats, ransomware protection, VPN for safe shopping, and a dedicated Password Manager, you can steer clear of malicious attacks and protect your data
Recommended:  Akamai: We stopped record DDoS attack in Europe

The experts also published a guide for secure holiday shopping.

Suggest an edit to this article

Cybersecurity Knowledge Base

Latest Cybersecurity News

Cybersecurity Academy

Homepage

Stay informed of the latest Cybersecurity trends, threats and developments. Sign up for our Weekly Cybersecurity Newsletter Today.

Remember, CyberSecurity Starts With You!

  • Globally, 30,000 websites are hacked daily.
  • 64% of companies worldwide have experienced at least one form of a cyber attack.
  • There were 20M breached records in March 2021.
  • In 2020, ransomware cases grew by 150%.
  • Email is responsible for around 94% of all malware.
  • Every 39 seconds, there is a new attack somewhere on the web.
  • An average of around 24,000 malicious mobile apps are blocked daily on the internet.
Bookmark
Please login to bookmarkClose
Share the word, let's increase Cybersecurity Awareness as we know it
- Sponsored -

Sponsored Offer

Unleash the Power of the Cloud: Grab $200 Credit for 60 Days on DigitalOcean!

Digital ocean free 200

Discover more infosec

Steven Black (n0tst3)
Hello! I'm Steve, an independent security researcher, and analyst from Scotland, UK. I've had an avid interest in Computers, Technology and Security since my early teens. 20 years on, and, it's a whole lot more complicated... I've assisted Governments, Individuals and Organizations throughout the world. Including; US DOJ, NHS UK, GOV UK. I'll often reblog infosec-related articles that I find interesting. On the RiSec website, You'll also find a variety of write-ups, tutorials and much more!

more infosec reads

Subscribe for weekly updates

explore

more

security