News / Hackers may target shoppers with phishing attacks on Cyber Monday
Hackers may target shoppers with phishing attacks on Cyber Monday
13 November 2017 |
Cyber Monday is here, and if you're planning to go online to enjoy some of the best deals out there, here are a few cyber risks that you need to guard against.
Millions of online shoppers in the UK could be putting themselves at risk of financial fraud and identity theft on Cyber Monday.
Around the same time last year, Financial Fraud Action UK (FFA UK) urged online shoppers to be vigilant against fraudsters' tactics and pause before clicking the "buy" button, ahead of shopping bonanzas Black Friday and Cyber Monday when retailers offered an array of limited time offers and discounts.
According to the watchdog, 31% of people who buy goods on the internet are more likely to take a financial risk, such as shopping on an unfamiliar or unsecure website, and thereby fall victim to multifarious cyber risks.
Despite a slowdown in the UK's retail sector, millions of citizens are expected to go online and satisfy their Christmas bucket lists this year while saving a lot of money on one-time deals and meaty discounts.
According to threat intelligence firm Domain Tools, around 20 per cent of UK shoppers have so far been victimised by phishing tactics, with a number of them being duped more than once. A survey conducted by the firm also revealed that almost 30% of people in the UK will shop during Cyber Monday and a further 37% are yet unsure if they'll go online.
With online shoppers more receptive to new offers and discounts during shopping fests like Black Friday and Cyber Monday, the firm believes hackers will exploit this fact to launch thousands of phishing attacks on such days. A bulk of such phishing attacks will use known brand names such as Amazon, Tesco, John Lewis, Sainsbury's, Debenhams, and Apple on e-mails to trick users into sharing personal or financial information, or into purchasing fake goods online.
Hackers may also use fake domain names such as Amazonsecure-shop[.]com, Amazn[.]com, Amazoncom[.]me or starbucks[.]com-latte[.]us on e-mails to trick customers. As such, rather than clicking on such spam e-mails, you should visit company websites directly to view product deals and offers.
'Phishing attacks prey on human habits such as pattern recognition and distraction. While emails sent from Nigerian princes are easy to spot, today you’re much more likely to receive a note purportedly from a www[.]amaz0n[.]com that tricks you into sharing personal or financial information, or into purchasing fake goods online,' the firm added.
The survey revealed that the brands most likely to be targeted in the UK this November include Amazon (88%), Argos (46%) and Tesco (35%). It also revealed that as a result of online shopping during fests, 24% of respondents reported that their computers got infected with viruses, 20% reported that either their credit card details or personal information were stolen, and another 8% said they lost money on deals that never existed.
In fact, 53% of shoppers in the UK admitted that they clicked on links or e-mails that they thought were from a trusted brand only to find out later that they were attempted scams. However, only 20% of respondents admitted being aware of spoofing scams when hackers send emails or set up websites that look like trusted brands with the goal of trying to trick shoppers into sharing personal information or buying fake products.
As such, it is possible that a lot of people will click on fraudulent links and emails during Black Friday and Cyber Monday, thereby exposing themselves to online fraud and identity theft.
To guard against such tactics, you should look closely at URLs for typos, look out for domains that have added affixes, visit company websites directly, and ensure your devices have malware detection tools to prevent potential malware infections.
Latest posts by Jay Jay (see all)
- Classified Ministry of Defence data lost to 37 cyber incidents in 2017 - 16th October 2018
- Facebook’s access token breach impacted 30 million user accounts - 15th October 2018
- Dropbox: most impersonated company for phishing attacks in first half of 2018 - 12th October 2018
- UK ratifies Convention 108 that safeguards personal data at international level - 12th October 2018
- DHSC reveals WannaCry ransomware attack cost the NHS £92 million - 11th October 2018