Breaking News

Chinese Surveillance Firm Tracking Millions Of People Google Pushes Back Chrome modifications that Would Break Ad Blockers 5G Moto Mob Appears on FCC Certification Page, Will Limit Exposure to Millimeter Waves Razer Closes the Razer Game Store Apple to Unveil Newly-designed AirPods 2 this Spring: report

logo

  • Share Us
    • Facebook
    • Twitter
  • Home
  • Home
  • News
  • Reviews
  • Legacy
    • Media Tests
    • DVD Media Formats

    • Glossary
    • FAQ
    • Firmware
    • Drivers
    • BIOS
    • Software
  • Forum
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map

Search form

Happy Shopping But Beware of Phishing

Happy Shopping But Beware of Phishing

Enterprise & IT Nov 21,2018 0

November is the first month of the busiest shopping season of the year both in China (Singles’ Day) and elsewhere (Black Friday, Cyber Monday), so cybercriminals are also getting ready for phising attacks.

Singles’ Day in China begins on 11.11 and has morphed into one of the largest online (and offline) shopping days in the world. This year's Black Friday falls on November 23rd this year. It’s a great time for shoppers, but many people drop their guard and become the easy prey of cybercriminals.

In recent years financial phishing has made up at least a quarter of all annual phishing attacks. According to Kaspersky, in 2017, financial phishing exceeded half of the attacks. Safe to say, we can assume that this upward trend will continue for the rest of 2018.

Kaspersky's stats indicate that during this period, financial phishing accounts for an additional 10% share of all attacks. Outside the sale season, fraudsters favor banking clients.

On Singles’ Day, the cybersecurity research firm saw a spike in the number of attempts blocked by our security solutions to redirect users from dangerous resources. An upswing was recorded on November 9th, which is not surprising given that cybercriminals always start preparing in advance. Mass attacks are usually carried out shortly before the actual date of the sell-off. Phishing attacks against clients of Alibaba Group, the main player in Singles’ Day, had sharp hike upwards, about double compared to the average number of attacks in November.

How phising look like? Just have a look at the screenshot below, which depicts two websites using standard social engineering techniques: multiple mentions of "alibaba" in the URL to confuse inattentive or naive users, a copy of the company’s logo to add authenticity, and a flashy picture to divert attention.

US online giant, Amazon, matches Alibaba stride for stride in terms of both sales/promotions and cybercriminals looking to create fake versions of company sites.

Cybercriminals tend to use a similar formula on phishing attacks. Lucrative offers are first used as bait. But before the users can access the deal, they are instructed to fill out a form that asks for all their personal details. Address, phone number, etc. Once the form is completed, users are prompted to forward the link to their friends. Needless to say, the user never gets the deal: The victim is simply transferred from site to site, with countless pointless surveys.

There is a large number of registered (and thus far, dormant) sites like blackfridayscom.tld and black-fridaywalmart.tld. In the run-up to Black Friday, these websites are filled with content by cybercriminals looking to harvest personal and banking details of unsuspecting shoppers.

As a matter of fact, Kaspersky has started to see phishing activity for Black Friday 2018. Fraudsters have started to send out mass phishing e-mails leading to fake sites, impersonating stores that currently offer Black Friday specials.

The domain name of this fake store posing as Walmart speaks volumes about the event it was created for. The site follows the typical phishing formula. It hooks consumers with an irresistible price on a brand new TV. Once the checkout process begins, consumers obligingly fill out forms with their confidential data and unknowingly send payment to a private online wallet.

In regards to phishing e-mails, Kaspersky found a fake Black Friday promotion offering a free two-month subscription to Netflix. Users who want to redeem the promotion are directed to a scam Netflix site, which prompts them to enter their credit card information and other personal information. This data goes to the attackers, while the victim of the fraud receives nothing in return. Instead of a free Netflix subscription, the user gets their bank account hacked.

Also ahead of Black Friday, various fake online stores are set up, offering mouth-watering discounts on global brands. This means that if something online sounds too good to be true, it most likely is.

In order to understand if a store is real or fake, avoid stores registered on free hosting services. You should also carefully study the URLs of pages with forms requesting confidential data. If the address consists of a meaningless set of characters or the URL looks suspicious, do not proceed with payment.

If the store website arouses any sort of suspicion, look up the site on WHOIS for information about how long the domain has existed and who owns it. If the domain is fresh and registered to some mystery entity, take your business elsewhere.

In any case, when you are shopping onlime, get yourself a special card for online purchases and don’t keep large sums of money on it. Don’t visit shopping sites from links in e-mails, social media messages, and chat rooms, or by clicking/tapping advertising banners on suspicious sites. Try to avoid using public Wi-Fi hotspots for shopping purposes unless you use a a VPN. And before entering personal information, make sure that you are on the genuine site. The address bar should contain the correct URL, preceded by the letters "https" and/or a green padlock. If so much as one character in the domain name is wrong, don’t even think about entering any confidential data.

Tags: HackingBlackFriday 2018cybercrime
Previous Post
Foxconn to Cut Costs in 2019, Adding Gloom Surrounding Demand for iPhones
Next Post
Chinese Companies Adopt Nvidia's HGX-2 Server and Turing T4 Cloud GPU

Related Posts

  • Hacked Versions of Popular Apps Appear on iPhones

  • U.S. Justice Department Targets Botnet Used by North Korean Hackers

  • Fortnite Vulnerability Put Millions of Players at Risk

  • Two Ukrainians Indicted in Computer Hacking and Securities Fraud Scheme Targeting U.S. Securities and Exchange Commission

  • Ryuk Ransomware Estimated to Have Netted in $3.7 Million in BTC Value

  • Hackers Leak Personal Data of German Politicians

  • Hackers Attacked Chromecasts and Smart TVs to Promote PewDiePie’s channel

  • Hackers Attacked U.S. Newspapers

0 Comments

Leave a Reply

More information about text formats

Filtered HTML

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.

BBCode

  • No HTML tags allowed.
  • You may use these tags: [abbr], [acronym], [b], [center], [code], [color], [define], [font], [h1], [h2], [h3], [h4], [h5], [h6], [hr], [i], [img], [justify], [left], [list], [node], [php], [quote], [right], [s], [size], [sub], [sup], [u], [url], [wikipedia], [youtube], [align], [link], [ol], [ul]
  • Lines and paragraphs break automatically.
CAPTCHA
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.
Image CAPTCHA
Enter the characters shown in the image.

Latest News

Chinese Surveillance Firm Tracking Millions Of People
Enterprise & IT

Chinese Surveillance Firm Tracking Millions Of People

Google Pushes Back Chrome modifications that Would Break Ad Blockers
Enterprise & IT

Google Pushes Back Chrome modifications that Would Break Ad Blockers

5G Moto Mob Appears on FCC Certification Page, Will Limit Exposure to Millimeter Waves
Smartphones

5G Moto Mob Appears on FCC Certification Page, Will Limit Exposure to Millimeter Waves

Razer Closes the Razer Game Store
Gaming

Razer Closes the Razer Game Store

Apple to Unveil Newly-designed AirPods 2 this Spring: report
Consumer Electronics

Apple to Unveil Newly-designed AirPods 2 this Spring: report

Popular Reviews

Zidoo Z9S 4K Media Player review

Zidoo Z9S 4K Media Player review

CeBIT 2005

CeBIT 2005

CeBIT 2006

CeBIT 2006

LiteOn iHBS112 review

LiteOn iHBS112 review

Nvidia GeForce RTX 2080 Ti and GeForce 2080 Founder's Edition review

Nvidia GeForce RTX 2080 Ti and GeForce 2080 Founder's Edition review

Sony NS955 DVD Player

Sony NS955 DVD Player

Toshiba Exceria M303 64GB and M501 Exceria Pro 64GB MicroSDXC review

Toshiba Exceria M303 64GB and M501 Exceria Pro 64GB MicroSDXC review

Ridisc Media Tests

Ridisc Media Tests

  • Home
  • News
  • Reviews
  • Legacy
    • Media Tests
    • DVD Media Formats

    • Glossary
    • FAQ
    • Firmware
    • Drivers
    • BIOS
    • Software
  • Forum
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map
  • About
  • Privacy
  • Contact Us
  • Promotional Opportunities @ CdrInfo.com
  • Advertise on out site
  • Submit your News to our site
  • RSS Feed