Connect with us

Hi, what are you looking for?

HEADLINES

Online payment fraud increases by 208% amid Black Friday season

The sales season attracts the attention of shoppers and retailers; however, it is also a favorite of cybercriminals who do not hesitate to cash in on online shoppers by creating fake pages mimicking the biggest retail platforms and e-payment systems.

The growth of phishing attacks mimicking e-payment pages was spotted in the run-up to the Black Friday period. The total number of financial phishing attacks disguised as e-payment systems more than doubled from September (627,560) to October 2021 (1,935,905), indicating a 208% increase. This and other findings are in Kaspersky’s ‘Black Friday 2021: How to Have a Scam-Free Shopping Day’ report.

The sales season attracts the attention of shoppers and retailers; however, it is also a favorite of cybercriminals who do not hesitate to cash in on online shoppers by creating fake pages mimicking the biggest retail platforms and e-payment systems.

During the first ten months of 2021, Kaspersky products detected more than 40 million phishing attacks targeting e-commerce and e-shopping platforms, as well as banking institutions. While stores rebounded in 2021 after a difficult 18 months and shoppers returned to offline shopping, Kaspersky researchers didn’t observe the typical seasonal trends for phishing related to online shopping such as the significant influx of phishing pages with too good to be true sale offers or growth of retail-related scam.

However, there is one notable exception. In 2021, the total number of financial phishing attempts targeting e-payment systems more than doubled from September (627,560) to October (1,935,905) — a 208% increase. Indeed, this year we have seen the introduction of new payment systems in various countries due to their unmatched convenience. As consumer adoption has skyrocketed, fraudsters started to actively exploit such systems as a lure to spread malicious activity.

Advertisement. Scroll to continue reading.

There also has been a rise in the number of spam letters detected by Kaspersky’s products. An active spread of spam emails with 221 745 emails containing the words “Black Friday” was spotted during the month amid the sales season, from October 27 to November 19. 

Kaspersky researchers have also analyzed which popular platforms were used as bait to spread phishing pages. The results showed that Amazon was consistently the most popular lure used when looking at the total number of phishing attempts using its name. For the majority of 2021, the second most popular was eBay, followed by Alibaba and Mercado Libre.

The number of phishing attempts using shopping platforms as a lure in 2021

“We always witness intensified scamming activity amid the Black Friday season. Perhaps a bit more unexpected is the attention being paid to e-payment systems. This time, we discovered a huge increase by 208% in a number of attacks mimicking the most popular payment systems. Of course, every new payment application is seen by scammers as a new opportunity to potentially exploit users,” says Tatyana Shcherbakova, a security expert at Kaspersky. 

“So, in order to protect your data and finances it will be a safe practice to make sure the online payment page is secure: you’ll know it is if the web page’s URL begins with HTTPS instead of the usual HTTP and an icon of a lock will also typically appear beside the URL,” adds Tatyana.

To enjoy the best that Black Friday has to offer this year, be sure to follow a few safety recommendations:

  • Use a reliable security solution, such as Kaspersky Security Cloud, that identifies malicious attachments and blocks phishing sites – both on your computer and mobile device
  • Do not open attachments or click on links in emails from banks, e-payment apps, or shopping portals, particularly if the sender insists on it. It is better to go to the official website directly and log in to your account from there
  • Double-check the format of the URL or the spelling of the company name, as well as read reviews and check the domain’s registration data before filling out any information
  • Be wary of any deals that seem too good to be true – they usually are

Advertisement. Scroll to continue reading.
Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

In rigorous evaluations conducted by prestigious cybersecurity testing organizations, Kaspersky Plus (starting in Q4 2024, Kaspersky Premium), Kaspersky Endpoint Security for Business (KESB), and...

HEADLINES

"Given the Philippines' high exposure to cyber threats, it's important for both individuals and businesses to stay vigilant," said Adrian Hia, Managing Director for...

White Papers

When compared to 2023, Sophos saw a 51% increase in abusing “Living off the Land” binaries or LOLbins; since 2021, it’s increased by 83%.

HEADLINES

Someone illegally acquires or uses personal information such as bank account or credit card numbers of another person to obtain money, goods or services....

HEADLINES

To stay ahead of these challenges, organizations need to invest in AI-driven defenses, transition to quantum-safe encryption, and adopt a Zero Trust approach to...

HEADLINES

There was a 121% Year-on-Year (YoY) increase in identity fraud in 2024 across the region, with significant surges recorded in Singapore (207%), Thailand (206%)...

HEADLINES

As part of RCBC’s 2024 Cybersecurity literacy program, the webinar aims to help Filipinos level up their online banking safety by providing them with...

White Papers

The survey found that CXO’s feel less prepared than their global peers. Less than half or 48% in APAC said they felt completely prepared...

Advertisement