Cybercriminals Love Cyber Monday Too: What to Look Out For

It's Cyber Monday (News - Alert) again, and while e-commerce companies are preparing for an onslaught of shoppers, they are also heightening their awareness and preparation for potential cyberattacks.

The Monday following the US Thanksgiving weekend means shoppers can get great deals on products and take advantage of offers by small, medium and large retailers.

Unfortunately, the run on deals also presents an opportunity for malicious actors to prey upon those who are seeking to take advantages of those offers and compromising some of those millions of shoppers in search for great deals.

Not only are the shoppers targeted but also the shops themselves are heavily targeted. Past experiences defending very large online shops during high season shopping have shown me that many campaigns are planned well in advance and that many times, criminals follow to the date and the very specific product detail offers that shoppers may publish in order to orchestrate their attack campaigns.

Rod Soto, Director of Research at security technology and services company JASK says, “Malicious actors know that in order to sell anything a store needs to be online during critical periods, this includes the capability to advertise and operate dynamically as the volume of sales may increase or shift to specific products. This is how extorsion campaigns operate in high shopping season, as many malicious actors have the capability of affecting or even preventing stores to operate online.”

Soto continued, “As many established online shops and financial institutions have security measures to detect fraud and stay operative, malicious actors will focus on the weakest link of the security chain the consumer,” and pointed out that the “top threats to Black Friday (News - Alert) shoppers are mainly centered in the human vulnerability of being tricked into revealing confidential information or even performing a series of acts that bypass security controls resulting in compromise.”

Soto listed several known attack vectors:

• Phishing: A misleading communication sent to victim specially crafted and worded (SMS, Email, Facebook, LinkedIn, etc)even with real elements of the impersonated store (i.e Real customer service number or help email)that has malicious links embedded to it and that once opened leads victim to execute malicious code or to a clone site of impersonated store. This store may even feature same items as advertised in real one but in reality is fake and it’s there to steal shoppers information.
• Crimeware: Malicious code usually delivered by similar means or by compromising actual store site pushing it to visitor. Once installed, crimeware can be crafted to lurk and wait for victims to visit specific shops or banks and steal their personal and financial information. Banking trojans are some of the most profitable crime tools in the underground.
• Counterfeit/Pirate merchandise. Even though large e-commerce retailers do their best to monitor this activity it is possible that some seasonal shops may not be selling legitimate goods. Be careful with some fake store reviews as they may be placed to mislead victims into purchasing counterfeit/pirated merchandise. Some of these goods if purchased may not even get delivered.

Soto also warned that consumers may be compromised when using free WiFi (News - Alert) at airports, hotels, and coffee shops. “Some deals cannot be missed, and criminals know it too. Hacking WiFi and intercepting traffic does not require sophisticated skills. Also, many times people will pull their credit cards and place them in plain view or even read them loudly over the phone. These opportunities may occur more often during seasonal shopping and criminals will be there as well.”

Despite the above threats, Soto said there are things that consumers can and should do in order to protect themselves including:

• Use a credit card. Get a credit card only for shopping, keep all your online purchases in that card. Credit cards usually have good fraud protection and shopping insurance.
• Avoid using debit cards or wire transfers, once money is deducted, money is gone...
• Shop with known platforms. There are certainly online shops you already use and have experience with and possibly bookmarked (Amazon, Walmart, Target (News - Alert), Macy’s). “Regardless of how attractive those offers look from unknown or new places, stick to what you know and you are likely to avoid a lot of scams during those shopping times.”
• Use common sense. If it is too good to be true it is probably fraudulent. Phishing emails themed with incredible offers that may be slightly modified to mislead the reader to click on malicious links. Instead of clicking on links embedded emails, go directly to the desired shopping website.  Have your favorite shopping sites bookmarked.
• Use muti-factor authentication where available in online shopping places, this gives you an additional layer of protection.
• Never repeat your passwords in other online shops, use password managers (LastPass, Keeper, etc) to generate strong and random passwords. Physical tokens for multi-factor authentication such as Yubikey or Google (News - Alert) titan key are also recommended where applicable.
• Make sure your computer is up to date with patches and security fixes. There are many antivirus products that can certainly provide another layer of protection.
• Distrust any requests for a password or personal information changes from online shops or financial institutions or any online service you use unless initiated by you.

Soto says the above items should give consumers a good level of security, but that they should also remember to be cautious and use common sense as malicious actors are very clever and may even be able to successfully compromise even the most trusted online stores.

“Apply these principles not only to yourself but your family as they are part of your close circle and likely part of your attack surface," Soto summarized.