A stark new warning has just been issued for holiday shoppers with indications that “we might be in for a particularly risky holiday window” as threats surge 89%. This comes hot on the heels of recent warnings that malicious websites, SEO poisoning and phishing attacks are all on the rise.
Check Point’s report, released Tuesday, paints a bleak picture as “cyber criminals are putting in overtime—with Black Friday and Cyber Monday approaching, threat actors are poised to take advantage of consumers hoping to shop the yearly discounts.” Chrome, Safari, Edge and Firefox control more than 90% of the browser market between them, and this new warning applies to all those users.
Alarmingly, Check Point’s data suggests that while a holiday season scams are all too normal, this year’s “surge in websites related to Black Friday is 89% higher than the surge in the same period last year.” We already know that almost all these websites and email offers are scams. “Nearly all of these sites impersonate well-known brands, and almost none are classified ‘safe’,” Check point warns.
And while ordinarily these “deals that might seem out of place,” the fact it’s Black Friday makes the too good to be true discounts look enticing and compelling, readily “tricking a consumer into entering sensitive details, like payment info or a set of credentials, into the fraudulent site.”
Almost all these websites are simple phishing traps, “passively harvesting user credentials from deal-seekers. The variety of impersonated sites ranges widely, from global behemoths to smaller, but still prominent, boutiques.”
Check Point provides examples of the fake URLs designed to trick users:
- Stüssy (Steatwear): stussycanadablackfriday[.]com
- Longchamp (Bags): longchampblackfriday[.]com
- Wayfair (Online Home Store): wayfareblackfriday[.]com
- SOREL (Footwear): soreloutletblackfriday[.]com
- Crew (Retail): jcrewblackfriday[.]com
- IUN (Footwear): blackfriday-shoe[.]top
What is interesting—and again a pattern we’ve seen elsewhere this holiday season—is that there are common components across websites that suggest “a central group might be behind a network of retail phishing platforms.” This is Black Friday scamming conducted on an industrial level and they are coming for your cash.
Check Point also highlights “AI tools including generative AI platforms” that help threat actors “deliver convincing phishing emails directly to consumer inboxes.” The concept of operations is all too familiar, though. Discounts, exclusive offers and access, short time-windows that create a sense of urgency. And the new twist—Quishing, the use of malicious QR codes, “designed to bypass traditional email filters.
Check Point advise the following 5-steps to staying safe, it’s critical that with the holiday season now here all browser users follow the guidance from now on.
- “Check URLs closely for misspellings or unusual host domains.
- Make sure the url starts with “https:// and shows a padlock icon, certifying a secure connection.
- When emails come in, reference the sender against emails you know to be real. Don’t click anything you’re not sure about.
- Don’t blindly click through on QR codes.
- Never input unnecessary details like your social security number, and avoid inputting extra info like your birthday where it’s not required.”
It is getting harder to tell real from fake and so it’s fine to be overly cautious. Don’t feel the need to click on an email offer, you can usually find the site via Google and access offers from there. And always take a moment to reflect and double-check before entreating any personal information and especially financial details.
“Cyber criminals rely on carelessness as much as on technical vulnerabilities,” Check Point says, “perhaps even more. We see breaches from stolen user credentials more often than anything else. By paying careful attention to a few simple security steps online, consumers everywhere can keep the door shut on cyber criminals, and enjoy the holidays with friends and family instead of fraudsters.”
