The holidays are coming, the shopping spree is on! But guess what? Hackers are on too. Don’t let your guard down, researchers say!
In the past week, more than 100.000 copycat sites were found using valid certificates to look more convincing.
Everyone must know that we have entered that time of the year when hackers are going after shoppers with full power. If the trend keeps this speed with more than 100,000 lookalike domains mimicking legitimate retailers per week, researchers estimate that by the and of the holiday season more than 1.000.000 will be all over cyberspace.
A freshly released cybersecurity report shows the retail industry is experiencing more breaches than any other industry in 2019 as hackers consistently phishing for shopper information.
This kind of behavior is normal if we look for example at the 2018 holiday; then the e-commerce sales were responsible for $126 billion in sales, a 16.5 percent increase from the $108.2 billion generated in 2017.
Researchers are saying that this increase in consumer spending will be normally followed by a flood of cyberattacks because hackers are always prepared to profit from anything that makes big money.
Phishing sites analysis:
While inspecting a fraud site researchers found that it is using a trusted, valid TLS certificate. This practice makes the phishing websites appear valid, in order to convince consumers to enter their private account and payment data into online forms.
This year’s explosion of copycat sites more than doubles the number seen last year, meaning that the total number of look-alike domains is more than 400% greater than the number of authentic retail domains.
Who is affected?
The malicious domains targeted 20 major retailers in the U.S., UK, France, Germany, and Australia, just on the Black Friday event; more interesting is that one US retailers have more than 49,500 look-alike domains targeting its customers.
How does fraud work?
Typically fraud domains have URLs that are identical to the real thing except for having, most of the one letter transposed, replaced or added. In terms of colors, branding, and functionality, they closely mimic legitimate, well-known retail websites.
Fast protection guide:
do not open links received via threatening, urging or warning emails received from legitimate look-alike mail domains
double-check or triple check the domain name of the well-known site even when you access it from well-designed ads or promotional announcements
do not fallow offers that you find on shady facebook groups or similar cyber locations
We continue to see rampant growth in the number of malicious, look-alike domains used in predatory phishing attacks. This spike in malicious sites is a direct result of the push to encrypt more and potentially all web traffic, a trend that generally improves security for users but inadvertently introduces a new challenge to existing methods of phishing detection.