Woburn, MA – November 20, 2023 – Kaspersky has released a new report revealing the latest shopping-related cyber threats in the run-up to Black Friday. The findings expose more than 13 million online shopping-related phishing attacks in 2023, with scammers mimicking popular marketplaces, luxury brands, and gadget stores.
In the first ten months of 2023, Kaspersky identified 30,803,840 total phishing attacks targeting online shopping, payment systems, and banking institutions, with e-commerce platforms used as a lure in 43.5% of the attacks (13,390,142 attacks).
Since October, a notable threefold increase in domains using the words "Black Friday" has been observed. Websites in these domains range from nonexistent stores to convincing replicas of real online outlets. Kaspersky has consistently identified numerous fake stores offering clothing, appliances, and gadgets since the beginning of fall. The most prevalent schemes involve fraudulent stores where individuals pay for products they never receive.
Another scheme involves linking a card to pay for goods, allowing scammers to gradually withdraw money and empty victims’ accounts. For instance, a deceptive website mimics a well-known shopping platform, enticing users with an offer to acquire an €800 gift card for €1.95. As the promised gift card is nonexistent, users lose money to the scammers behind the fraudulent setup.
Example of an online shopping phishing page
The research revealed that fraudsters often targeted potential victims with phishing attacks that imitated major ecommerce platforms including Amazon, eBay, Walmart, Alibaba, and Mercado Libre. Attacks also often used luxury brands as a lure.
Scammers also target tech enthusiasts by mimicking Apple products and services around Black Friday. Kaspersky products have detected 2.8 million such phishing attacks from January to October 2023.
Additionally, Gamers find themselves ensnared by console scams, expecting a deal but being left with nothing but data theft.
Example of an XBox gift card scam
“Online shopping, particularly during peak events like Black Friday, is a prime target for deceptive schemes,” said Olga Svistunova, security expert at Kaspersky. “Fraudsters intensify their activities, capitalizing on the surge in online traffic and shoppers’ desire for deals. It’s crucial to be discerning and adopt secure online practices, protecting yourself against potential threats while enjoying the benefits of the digital marketplace.”
To learn more about shopping threat landscape in 2023, visit Securelist.com.
To enjoy the best that Black Friday has to offer this year, be sure to follow a few safety recommendations:
· Do not trust any links or attachments received by mail; double-check the sender before opening anything.
· Double-check e-shop websites before filling out any information: is the URL correct? Are there any spelling errors or design bugs?
· Protect all the devices you use for online shopping with a reliable security solution. Kaspersky Premium protects its users from the full range of shopping scams.
· If you want to buy something from an unknown company, check reviews before making any decision.
· Despite taking as many precautions as possible, you probably won’t know something is amiss until you see your bank or credit card statement. So, if you’re still getting paper statements, don’t wait until they hit your mailbox. Log in online to see if all of the charges look legitimate – if not, contact your bank or credit card company immediately to fix the situation.
Sawyer Van Horn