Windows 10 News and info | Forum
December 10, 2019, Loading... *
Welcome, Guest. Please login or register.

Login with username, password and session length
News: This is a clean Ad-free Forum and protected by StopForumSpam, Project Honeypot, Botscout and AbuseIPDB | This forum does not use audio ads, popups, or other annoyances. New member registration currently disabled.
 
  Website   Home   Windows 8 Website GDPR Help Login Register  
By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy.
Pages: [1]
  Print  
Share this topic on Del.icio.usShare this topic on DiggShare this topic on FacebookShare this topic on GoogleShare this topic on MySpaceShare this topic on RedditShare this topic on StumbleUponShare this topic on TechnoratiShare this topic on TwitterShare this topic on YahooShare this topic on Google buzz
Author Topic: Holiday Scam Season Is Here for All Shoppers  (Read 18 times)
javajolt
Administrator
Hero Member
*****
Offline Offline

Gender: Male
United States United States

Posts: 30794


I Do Windows


WWW Email
« on: November 26, 2019, 06:35:46 PM »
ReplyReply

The holiday shopping season is in full swing, with Black Friday and Cyber Monday just around the corner, and scammers have been getting ready to cash in from their fraud campaigns.

While some fraudsters target the online landscape fooling shoppers with lookalike domains, others focus on customers of brick and mortar retail stores.

The latter take advantage of the flood of legitimate discounts to trick potential victims into giving information that could be used for attacks all year round.

Targeting brick and mortar store customers

Researchers at ZeroFOX combed the internet for holiday-themed fraud campaigns and found more than 60,000 potential scams, most of them aimed at consumers in the market for regular products that do not fit the luxury category.

The cybersecurity company noticed that the scammers attracted victims with the promise of gift cards, giveaways, discounts, or coupons.

Since user data was the coveted prize, all cybercriminals had to do was create an appealing post directing victims to malicious websites.



According to ZeroFOX, this type of post is likely advertised found on social media and digital platforms.

The link in the post above leads to a landing page with multiple fake giveaways. The poor design of the page should serve as a warning, and so should the request to input personal information such as phone number, gender, date of birth, and street address.



Most of the keywords likely to lead to a retail scam that was noticed by the researchers during their study are related to gift-giving. However, posts from unknown accounts on social media that contain 'holiday,' 'Christmas,' 'Thanksgiving' or Black Friday and Cyber Monday should also be regarded with suspicion.

Quote
"In order to increase visibility, scammers often leverage hashtags in their posts, like #blackfriday, #cybermonday, and #giveaway. This makes these posts more likely to be shown to social media users, based on the social platform's algorithms, and also makes them searchable. Similarly, scammers may leverage fake accounts to like and share or retweet these scam posts, giving them more legitimacy" - ZeroFOX


Online shoppers also at risk

Cybercriminals diversify their activity and create fake websites for popular brands. ZeroFOX researchers filtered 124,000 domains containing a brand name by the certificate issuer to determine how many were imitating a legitimate business.

Of the 26 brands selected for the report, Apple, Amazon, and Target were the most impersonated. Other big names in the same situation are Tiffany, Sony, Samsung, and Microsoft.



The number of fake websites popping up during the holiday season is on the rise this year, researchers from Check Point note in a report today. Compared to 2018, they observed a %233 increase in phishing URLs for online stores this year.

ZeroFOX says that the fraudulent domains they found can be spotted as they typically combine specific keywords ('login,' 'verify,' 'free,' 'deal,' 'verification,' 'coupon') with a call to action like logging in or verifying an account to continue. Some of the words

The researchers note that they did not check all the domains that came up during their search but the probability of them serving content is high since they all had a TLS certificate, which requires extra effort.

A small sample of the websites was verified, though, and the results were expected: phishing, giveaway/coupon scams, and some dubious Chrome extensions.



The extension in the image above was served from a domain that impersonated Walmart and had more than 60,000 installations and many negative reviews.

Caution during the holiday season is well recommended by security researchers as cybercriminals are getting more creative by the year. It is easy to impersonate a popular brand these days but not becoming a victim is not that difficult.

A legitimate giveaway does not normally ask for more information than a contact detail, most of the time an email address, ZeroFOX notes. If more details are requested, chances are it is a scam.

Some advice to avoid falling to a scam:

   1. Be mistrustful of deals that are too good to be true. Huge discounts delivered over email
       from unknown senders are likely bait for a scam.

   2. Domain names for popular brands that have spelling errors or mistakes are not genuine

   3. Don't click on links in emails or social media posts; instead, search the web for a brand's
       legitimate website to browse the deals available

source
Logged


Pages: [1]
  Print  
 
Jump to:  

Powered by SMF 1.1.21 | SMF © 2017, Simple Machines

Google visited last this page November 28, 2019, 01:04:44 PM