Woburn, MA – November 23, 2022 – Kaspersky researchers have reported that the number of attacks via banking Trojans doubled in 2022 compared with 2021, reaching almost 20 million attacks. Meanwhile, cybercriminals also developed new scams for the holiday shopping period, including a new scheme exploiting Buy Now Pay Later (BNPL) services. These are some of the findings from Kaspersky’s “Black Friday on alert: e-shopping threats in 2022” report aimed at educating users on staying safe during the sales season.
Banking Trojans are widely used tools in the arsenal of cybercriminals profiting from the holiday shopping season. Once the user browses in an online store, the Trojan saves all the data the user enters into the website’s forms. This means cybercriminals get access to a credit or debit card number, expiration date and CVV, and the victim’s site login credentials. Having obtained this information, the attackers may use it to empty the user’s bank account, use their card details for purchases or sell the data in the dark web.
After a rapid drop in the number of attacks with banking
Trojans in 2021, cybercriminals returned to this type of threat with renewed
strength. In 2022, the number of attacks doubled compared to the same time
period in 2021. From January to November, Kaspersky products detected and
prevented almost 20 million attacks, meaning that the overall growth in the
number of detections is 92%.
The sales season inevitably attracts the attention of shoppers and retailers. However, it is also a favorite time for cybercriminals, who do not hesitate to exploit online customers. Cybercriminals create juicy offers that are fake and expire quickly, so the user must hurry to get the goods for free or at the lowest price. This is where cybercriminals catch customers who are hungry for freebies and don't look carefully at the site where they are entering their data.
In 2022, Kaspersky experts also found numerous examples of phishing pages for the first time abusing BNPL services. These tools allow customers to split the cost of the purchase into several interest-free installments. Therefore, these services appeal to consumers, especially younger people, and have proven to be particularly popular during shopping periods such as Black Friday.
An example of this scam is the misuse of a popular service named Afterpay (Clearpay in the U.K. and Italy), with 20 million active users across the world. Perpetrators set up a page mimicking the official website, tricking unsuspecting victims into entering their credit card numbers and CVVs into a fake form. After the user has entered their details, cybercriminals will try to steal as much money as possible from this card, emptying the victim's wallet.
The phishing page mimicking Afterpay is aimed at gaining access to a potential victim's account.
“The shopping event of the year, Black Friday, is a hot time not only for sellers and their buyers, but also for scammers who want to steal as much money as possible from hurried customers. The new scheme exploiting Buy Now Pay Later (BNPL) services only proves that cybercriminals do not stop in their desire to attack victims and come up with new methods to do so. On ordinary days, the customer can easily understand: if the product is too cheap, it's most likely a scam, but during the Black Friday sales period this fact isn’t so clear. Shoppers become less vigilant and are therefore an easy target for cybercriminals. That's why it's so important to pay attention to which site you buy from, be careful with unfamiliar companies and use a reliable security solution.”
To learn more about Black Friday tricks and scams, read the full report on Securelist.
To enjoy the best that Black Friday has to offer this year, be sure to follow a few safety recommendations: said Olga Svistunova, security expert at Kaspersky.
Protect all the devices you use for online
shopping with a reliable security
solution. Do not trust any links or attachments received by mail;
double-check the sender before opening anything.
● Double-check e-shop websites before filling out any information: is the URL correct? Are there any spelling errors or design bugs?
● In order to protect your data and finance, it is best practice to make sure the checkout page is secure, and that there is a locked padlock icon beside the URL.
● If you want to buy something from an unknown company, check reviews before making any decision.
● Despite taking as many precautions as possible, you probably won’t know something is amiss until you see your bank or credit card statement. So, if you’re still getting paper statements, don’t wait until they hit your mailbox. Log in online to see if all of the charges look legitimate – if not, contact your bank or credit card company immediately to fix the situation.
Sawyer Van Horn