Black Friday is a hacker’s holiday, says think tank

Black Friday shoppers should be on the lookout for new scams launched by hackers in the days leading up to the event.

With hackers impersonating well-known businesses, Check Point Research (CPR) said that the team has already noticed a dramatic rise in phishing attempts involving online shopping.

According to a recent CPR statement, “While consumers are getting ready to bag the best deal, cybercriminals are taking advantage of distracted minds by launching their own shopping ‘specials’”. These, the agency said, take the shape of phishing attacks and copycat websites – designed to look like the online shops of known retailers.

A malicious phishing email that looked like it had been sent by luxury retailer Louis Vuitton and using a suspicious email address was found by Check Point researchers at the end of October.

“The well-known fashion brand was also the subject of several other fake websites,” CPR wrote, adding that four domains with the same format were registered at the beginning of October.

According to reports, all of these websites were created to resemble the official Louis Vuitton website and propagated via emails with subject lines that implied discounts were available.

Check Point said that over the previous month they had seen an increased number of incidents involving these domains, reaching close to 15,000 in the second week of November.

Hackers were exploiting the Black Friday shopping spree not only by pretending to be reputable online shops, but also delivery companies.

CPR states that during the first 10 days of November, 17% of all malicious files disseminated via emails had to do with orders, delivery, and shipping.

One scam attempted to obtain the victims’ login information by pretending to be the delivery service DHL and demanding €1.99 in order to complete the delivery.

If you would like to assess the security of your company or educate your team on cybersecurity, please contact Cloudica. We organize workshops and webinars for businesses in multiple sectors, and advise companies on how to best protect their data online.