19 November 24, 13:07
Quote:
Intro
The e-commerce market continues to grow every year. According to FTI consulting, in Q1 2024, online retail comprised 57% of total sales in the US, and it is expected to increase by 9.8% over 2023 by the end of this year. In Europe, 72% of those aged 16–74 buy online, their share growing by the year. Globally, according to eMarketer, e-commerce sales are to reach $6.9 trillion by the end of 2024.
At Kaspersky, we closely monitor the evolving landscape of shopping-related cybersecurity threats. Each year, we track how cybercriminals target this rapidly expanding sector and the challenges they pose to consumers, especially during peak shopping seasons. As shoppers seek the best deals in the run-up to major sales events like Black Friday, cybercriminals and fraudsters gear up to exploit this demand, attempting to steal personal data, funds, and spread malware through deceptive shopping lures.
This report continues the series of annual analyses we’ve published on Securelist in 2023, 2022 and 2021, which track the evolving landscape of shopping-related cybersecurity threats. In it, we present our findings on the dynamic nature of shopping threats, with a particular focus on the tactics used by cybercriminals during Black Friday, and offer insights into how consumers can stay safe in the face of the growing risks.
Methodology
To assess the current state of the shopping threat landscape, we conduct an annual analysis of various threat vectors. These include financial malware, phishing sites impersonating major global retailers, banks and payment systems, and spam emails that may lead to fraudulent websites or spread malware. This year, we also specifically analyzed the rise of fake mobile applications designed to steal shopping data. The threat data we rely on is sourced from Kaspersky Security Network (KSN), which processes anonymized cybersecurity data shared consensually by Kaspersky users. This report draws on data collected from January through October 2024.
Key findings
- In the first ten months of 2024, Kaspersky identified more than 38 million phishing attacks targeting users of online stores, payment systems, and banks.
- As many as 44.41% of these attacks targeted banking service users.
- We detected 198,000 Black Friday-themed spam messages in the first two weeks of November.
- More than 13 million banking trojan-related attacks were detected in 2024.
- Despite the high number, the overall activity of PC banking trojans continues to decline.
- Credit card data is widely offered on the dark web, alongside shopping accounts.
- Dark web sellers offer Black Friday discounts, just like regular shops.
Shopping fraud and phishing
Phishing and scams are among the top threats for online shoppers. Fraudsters often create fake websites, emails or ads that closely resemble those of legitimate retailers. Given that shoppers are often busy or distracted, they may not take the time to carefully review links or emails, which makes them more vulnerable to these threats.
Kaspersky’s automated technologies are designed to detect and prevent various forms of financial phishing and scams that fraudsters run during the Black Friday season, including fake pages that mimic bank websites, payment systems such as PayPal, Visa or Mastercard, and online stores such as Amazon, eBay or AliExpress. These pages may target victims’ login credentials and payment information or trick users into transferring money to the scammers. Additionally, they may also steal other personal details from unsuspecting shoppers.
From January through October 2024, Kaspersky products successfully blocked more than 38,473,274 attempts to access phishing links targeting users of online shopping platforms, payment systems and banks. This represents a significant increase of 24.9% over the same period last year, when 30,803,840 phishing attacks were recorded.
If we break this down, 44.41% of these phishing attempts targeted users of banking services, 18.01% mimicked payment systems, and 37.5% attempted to impersonate e-shops. Notably, there has been a shift in the types of targets. While last year online store impersonation accounted for the largest share (43.47%), this year, attacks targeting banking users became prevalent, increasing slightly from 35.19%.
Although the share of online store phishing and scams dropped insignificantly against 2023, the overall number of detected attempts to follow a phishing link grew slightly from roughly 13 million to 14,428,512. The top brands mimicked by the scammers remained the same as in the previous year; however, our analysis revealed that the overall number of phishing attacks per examined platform in 2024 appeared somewhat lower than in 2023. Given the growth in the number of all online store-themed phishing attempts, this may mean that the attacks have become more targeted and region-specific or that the number of platforms mimicked by the fake sites has increased.