Kaspersky Lab – Beyond Black Friday Threat Report, November 2017

The festive holiday shopping season, which covers Thanksgiving, Black Friday and Cyber Monday in late November as well as Christmas in December, now accounts for a significant share of annual sales for retailers, particularly in the U.S., Europe and APAC.

Those selling clothing, jewellery, consumer electronics, sports, hobbies and books can make around a quarter of their sales during the holiday period. In 2017, holiday sales in the U.S. alone are expected to be up by 3.6 to 4.0 per cent on the same time in 2016.

For brands looking to make the most of this annual spending spree, the desire to sell as much as possible at a time of intense competition is leading to ever more aggressive marketing campaigns – particularly online.

Promotional emails, banner ads, social media posts and more bombard consumers over the holiday months; generating a great deal of noise. Tactics such as one-click buying are designed to making the purchase process ever easier and faster. Further, up to three quarters of emails received on Black Friday and Cyber Monday are now opened on a mobile device. People are becoming used to making instant decisions – and that has significant security implications. They may miss vital signs that things are not what they seem and their data could be at risk.

All this makes this time of year an ideal hunting ground for hackers, phishers and malware spreaders; disguising their attacks as offers too good to refuse, a concerned security message from your bank requiring urgent attention, a special rate discount from your credit card service, and more. All you have to do is enter your personal details, card numbers or bank account credentials.

Not surprisingly, messages or links designed to look as if they come from well-known, trusted brands, payment cards and banks account for many of the malicious communications detected by Kaspersky Lab’s systems in the last few years.

Methodology and Key Findings

The overview is based on information gathered by Kaspersky Lab’s heuristic anti-phishing component that activates every time a user tries to open a phishing link that has not yet been added to Kaspersky Lab’s database. Data is presented either as the number of attacks or the number of attacked users. It updates the 2016 Black Friday overview report with data covering the fourth quarter of 2016 through to 18 October, 2017.

Key Findings:

  • Following a decline in 2015, financial phishing abusing online payment systems, banks and retailers increased again in 2016.
  • Financial phishing now accounts for half (49.77 per cent) of all phishing attacks, up from 34.33 per cent in 2015.
  • Mobile-first consumers are likely to be a key driver behind the rise in financial phishing: the use of smartphones for online banking, payment and shopping has doubled in a year, and mobile users will have less time to think and check each action, particularly if they are out and about.
  • Attack levels are now fairly consistent throughout the year; and Q4 data shows they are also more evenly spread in terms of the brand names the phishers make use of.
  • Data for both 2015 and 2016 shows a clear attack peak on Black Friday, followed by a fall. In 2016 the number of attacks fell by up to 33 per cent between Friday and Saturday, despite Saturday being the second biggest shopping day over the holiday weekend in the U.S.
  • Financial phishers are exploiting the Black Friday name in their attacks, as well as consumer awareness of, and concerns about online security – disguising their attack messages as security alerts, implications that the user has been hacked, or adding reassuring-sounding security messages.

Phishing – a universal threat

As earlier editions of the Black Friday overview have shown, phishing is one of the most popular ways of stealing personal information, including payment card details and credentials to online banking accounts. The schemes are fairly easy to set up, requiring limited investment and skills – and are mainly reliant on encouraging people to voluntarily part with their personal and financial information.

Originally spread mainly through emails – phishing attacks are now also carried out through website banners and pop-ups, links, instant messaging, SMS, forums, blogs and social media.

Percentage of users on whose computers Kaspersky Lab’s heuristic anti-phishing system was triggered as a proportion of the total number of Kaspersky Lab users in that country, Q1-Q3 2017

Continue reading…

 

Source: Securelist