Windows 10 News and info | Forum
December 12, 2018, Loading... *
Welcome, Guest. Please login or register.

Login with username, password and session length
News: This is a clean Ad-free Forum and protected by StopForumSpam, Project Honeypot, Botscout and AbuseIPDB | This forum does not use audio ads, popups, or other annoyances.
 
  Website   Home   Windows 8 Website GDPR Help Login Register  
By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy.
Pages: [1]
  Print  
Share this topic on Del.icio.usShare this topic on DiggShare this topic on FacebookShare this topic on GoogleShare this topic on MySpaceShare this topic on RedditShare this topic on StumbleUponShare this topic on TechnoratiShare this topic on TwitterShare this topic on YahooShare this topic on Google buzz
Author Topic: PSA: Phishing Levels Rise Ahead of Black Friday and Cyber Monday  (Read 16 times)
javajolt
Administrator
Hero Member
*****
Offline Offline

Gender: Male
United States United States

Posts: 29275


I Do Windows


WWW Email
« on: November 22, 2018, 04:45:03 PM »
ReplyReply

With the shopping season underway, cybercriminals are making efforts to capitalize from key holidays and users' craze for Black Friday and Cyber Monday discounts.

Scams and malicious email campaigns are in full swing, and so are web-skimming operations that steal payment card information from vulnerable online stores.

The US-CERT released a warning this week about the growing number of emails with malicious links or attachments, malvertising campaigns, and donation requests from fake charitable outfits.

The phishing threat

The alert is backed by findings from cloud security company Zscaler that say they've "seen a steady rise in phishing attacks leading up to Black Friday and Cyber Monday".

Between mid-October and mid-November, the company observed 723,942 targeted phishing campaigns and almost half a million generic spam attacks. In total, the company recorded almost 1.3 million events of this type.



The research reveals that with some targeted attacks the purpose is to compromise Amazon accounts and steal payment card data.

Two examples of fake pages for logging into Amazon and for billing verification show that cybercriminals have become adept social engineers, leaving few tells for the scam.



To an unsuspecting user, the fake login page is indistinguishable from the original, but a look at the URL in the address bar gives away the fraud attempt since the domain name is not from Amazon. The absence of a secure http connection is another tale of mischievous activity, which browsers like Chrome will mark with a 'Not Secure' indicator.



"The best defense is to always be conscious of the address bar. A store like Amazon is never going to ask you for sensitive information away from the Amazon site," advises Chris Mannon, a senior security researcher at Zscaler.

In another campaign spotted by Forcepoint, crooks used the Thanksgiving theme to lure unsuspecting users into downloading a message that delivered the Emotet malware along with holiday greetings.

The web-skimming threat

A more serious risk that users cannot efficiently avert on their own is web-skimming attacks, which steal the financial details users provide on the payment page of a web store.

Multiple groups collectively known as MageCart are actively compromising online shops, sometimes sabotaging each other to get a larger piece of the pie.

These crooks can choose to attack the e-commerce site directly by exploiting vulnerabilities, or they can compromise a provider of a third-party library that runs on the payment page.

Statistics on MageCart attacks between September 20 and November 15 show a total of 7,424 events.



User-side defenses against the MageCart are limited as there isn't a reliable solution to guarantee protection even against common forms of such attacks.

The hope is with merchants, who can implement effective safeguards that ensure the integrity of third-party libraries loading on their websites. They can also reduce the attack surface by disabling scripts that are not needed for online payment forms.

source
« Last Edit: November 22, 2018, 04:50:46 PM by javajolt » Logged



Pages: [1]
  Print  
 
Jump to:  

Powered by SMF 1.1.21 | SMF © 2017, Simple Machines

Google visited last this page Today at 01:45:32 AM