Woburn, MA – November 17, 2017 – Annual sales on Black Friday and Cyber Monday offer incredible savings opportunities for consumers, but according to Kaspersky Lab these are also peak days for financial phishing attacks. Kaspersky Lab's annual review of phishing attacks during the holiday sales season found that consumers are significantly safer on ‘Gray Saturday,’ when the number of such attacks can decrease by as much as 33 percent, despite it being a top shopping day.
With U.S. consumers expected to spend an average of $967.13 during the holiday season this year, cybercriminals will be looking for ways to divert some of that money into their own wallets. Impersonating a retail brand through phishing attacks is one way that cybercriminals can effectively target consumers during the holiday shopping season. Traditionally distributed by email, phishing attacks can also lure consumers through web links, ad banners, social media and more. These attacks aim to persuade people to provide their personal financial data, such as bank account information, credit card details or account passwords, under the assumption that they are dealing with the actual, reputable brand.
The day after Black Friday, dubbed by Kaspersky Lab as ‘Gray Saturday,’ represents a rare moment of respite from cybercriminals in an increasingly busy holiday shopping season. Kaspersky Lab research found evidence of a dip in financial phishing attacks on Gray Saturday in both 2015 and 2016. In 2016, there was a decline of 33 percent in the number of attacks mimicking popular online retail and payment brands on this day (from around 770,000 to 510,000 detections), despite it being the second biggest shopping day of the holiday season.
The change in the number of phishing attacks using names of popular retail, banking and payment brands during Black Friday week in 2015 and 2016 (data from all Kaspersky Lab security components – heuristic, offline and cloud detections)
“The rise in people using online payments, banking and shopping means that financial phishing attacks are now consistently high all year round, but the holiday season makes it so much easier to hide in the noise,” said Nadezhda Demidova, lead web-content analyst, Kaspersky Lab. “At this time of year, marketing and advertising levels go through the roof, and with consumers increasingly making their transactions on mobile devices – often while out and about and in a hurry – almost everyone is more exposed and has less time to think and check. On Gray Saturday, we have seen the number of phishing attacks drop significantly. Weekends generally see lower numbers of attacks and fewer people online, but on this big shopping day that’s an extra advantage. We expect this trend from 2016 to continue in 2017, so if you plan on shopping online these holidays, choose the day wisely.”
Other key findings of the Kaspersky Lab report include:
In order to stay protected while shopping online – not only during the holiday season, but also throughout the year – Kaspersky Lab offers the following advice:
The Kaspersky Lab holiday season financial phishing overview is based on information gathered by the company’s heuristic anti-phishing component, which activates every time a user tries to open a phishing link that has not yet been added to Kaspersky Lab’s database.
To learn more about the latest holiday season phishing trends and examples, please see the Beyond Black Friday Kaspersky Lab Threat Report on Securelist.
About Kaspersky Lab
Kaspersky Lab is a global cybersecurity company celebrating its 20 year anniversary in 2017. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into next generation security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.
For the latest in-depth information on security threat issues and trends, please visit:
Securelist | Information about Viruses, Hackers and Spam
Follow @Securelist on Twitter
Threatpost | The First Stop for Security News
Follow @Threatpost on Twitter
Media Contact
Meghan Rimol
781.503.2671