Cybersecurity experts have issued a warning to web users ahead of the holiday season, alerting them to the surge in online shopping threats on Black Friday and Cyber Monday. A new campaign by SilkSpecter has emerged, using legitimate payment processing providers to steal sensitive information from unsuspecting shoppers.
The threat actors are using various tactics to deceive victims, including:
* Phishing domains that use typosquatting to trick users into visiting malicious websites
* Scammers impersonating major retailers and sending fake emails with links to scam websites
* Fake product listings and metadata to make them appear near the top of search engine rankings
The attacks can also lead to serious consequences, including:
* Stealing cardholder data, sensitive authentication data, and personally identifiable information (PII)
* Impersonating financial institutions or well-known e-commerce platforms to gain unauthorized access to accounts
* Initiating fraudulent transactions
To avoid falling victim to these threats, shoppers should look out for the following signs:
* Too-Good-to-Be-True deals
* Poor design, typos, and insecure payment methods
* Lack of or suspicious contact information
* Unclear return or shipping policies
Cybersecurity experts have detected almost 200,000 “Black Friday-themed spam messages” since the beginning of the month, with this year proving to be a boom year for scammers.
Source: https://www.forbes.com/sites/zakdoffman/2024/11/19