Cybercriminals are taking advantage of the biggest buying time of the year – Black Friday and Cyber ââMonday – with security experts already seeing an increase in counterfeit e-commerce sites that appear to be legitimate brands .
As the bargain season approaches, researchers at FortiGuard Labs, the research arm of security firm Fortinet, have warned that while online shopping scams are not new, this year more customers are likely to buy online during the Black Friday period.
This will lead to a significant increase in scams using sophisticated methods to trick online shoppers into buying from bogus domains, they say.
It comes as the COVID-19 pandemic has fundamentally changed online shopping trends across the world, fueling a dramatic increase in the number of online shoppers.
According to research, around 30% of all retail sales occur between Black Friday (which begins November 26 this year) and Christmas Day.
Brick and mortar stores and e-commerce stores are expected to generate a significant portion of their annual revenue over this shopping âvacationâ weekend, often allowing retailers to catch up and save time. achieve goals and sales figures for the year.
FortiGuard Labs claims to have already encountered more than 20 new fake websites created by criminals in October.
âWe recently discovered an active live scam that exploits the looks of the world’s largest companies and their respective brands, aimed at coercing and luring victims into making purchases on their site,â according to Val Saengphaibul, security researcher at Fortinet.
“These sites are in no way affiliated with the brand / IP owner and are recognizable in part because they use the same template over and over again in a digital game of whack-a-mole (meaning that as soon as one site is closed, another immediately appears elsewhere).
Several of the top brands the research company has documented include: Blink (Amazon), Oculus (Facebook), Shimano (bikes), Coleman (camping gear), Ninja (home appliances), and Nu Wave (home appliances).
The websites observed have the following characteristics in common:
- Domain names have only been registered for a few days to a few months.
- All sites are registered with the same registrar.
- They use the .TOP and .SHOP top level domains (.com is also common).
- They contain many grammatical errors and inconsistencies in the statements.
- Social media buttons don’t resolve anywhere, or go to accounts that don’t exist or have been deleted.
- Their web hosting providers use content delivery networks (CDNs) to remain anonymous (via an IP address that cannot be traced).
Boland Lithebe, Altron Systems Integration Security practice manager, explains that to avoid being victimized, e-merchants should monitor their online footprint for any instances where their brand or associated assets are being used without authorization.
âHackers frequently use trademarks of well-known brands to create phishing sites and trick consumers into revealing personal information. Likewise, consumers need to be able to easily find legitimate sites online, in order to reach the business from which they wish to purchase.
âBy staying on top of cybersecurity arrangements and anticipating to detect threats before they emerge, retailers can work with consumers to provide a safe and reliable shopping environment on the busiest day of life. the year, ânotes Lithebe.
According to a study conducted last year by cybersecurity firm Kaspersky, more than four in five consumers (84%) are willing to share personal information with retailers in order to save money on their Christmas shopping.
The study found that the vast majority of shoppers are willing to take the risk of sending data such as email addresses and phone numbers to take advantage of the great deals they receive or see online. Fraudsters are therefore likely to take advantage of this increased drive to save money, which is in part fueled by the economic crisis caused by the COVID-19 pandemic.
According to FortiGuard Labs, websites and e-commerce software have evolved dramatically over the past decade.
âWith the widespread use of content management systems (CMS), where CMSs and shopping carts are often bundled with a CDN by a web host, bad actors are able to deploy e-commerce sites from record manner. As the price of CDN has fallen, many shopping carts web hosting providers also offer CDN services.
âThis has an added benefit for cybercriminals as it allows the original IP address to be masked, which means that many websites (good and bad) often share the same IP address. Not only does this make attribution difficult, but it gives a bad actor another layer of anonymity, âadds Saengphaibul.