How cybercriminals adjusted their scams for Black Friday 2021


Black Friday is approaching and cybercriminals are tweaking their malware droppers, phishing lures and bogus sites as shoppers prepare to open their wallets.

As Kaspersky researchers point out, scammers are already targeting people with fake 2022 FIFA World Cup tickets.

The security company shared a detailed report highlighting the most common threats expected during Black Friday this year, as well as the Christmas shopping season.

Phishing for data and electronic payment accounts

Kaspersky’s products alone detected over 40 million phishing attacks from January to October 2021, with Amazon, eBay, Alibaba, and Mercado Libre being the most popular lures.

As such, if you receive emails regarding promotions and discounts on major ecommerce platforms, you should treat them with extreme caution.

In terms of trends, phishing players have stepped up their efforts to steal account credentials for electronic payment systems (also known as online payment systems), with October 2021 seeing an increase of 208% from the previous month .

While bank credentials are still targeted, phishing players tend to favor electronic payment systems more, as these have grown in popularity by 40% over the past two years.

Types of phishing in 2021
Phishing targets in 2021
Source: Kaspersky

Banking Trojans disappear

Kaspersky found that cybercriminals were using 11 distinct malware families against buyers in 2021, more than half of which were variants of the Zeus banking Trojan.

The list of other popular strains used in malware attacks in 2021 also includes Qbot (deployed in 13.9% of total incidents), Anubis (13.4%), Trickbot (11.6%) and Neurevt. (4.8%).

An interesting trend emerging from Kaspersky’s statistics is the number of infections, which has fallen from 20 million in the past two years to just 10 million this year.

This decline is in line with the shift in focus from threat actors to electronic payments. Most of these Trojan horse families have a narrow targeting scope limited to specific institutes or financial platforms, so they require more effort to target a wider range of potential victims.

The malware being deployed now is more specialized for e-commerce platforms, seeking to steal online store account credentials, bank card numbers, CVVs, expiration dates, and phone numbers.

Malware Drops Volume
Malware Drops Volume
Source: Kaspersky

End up on malicious sites

There are two categories of bogus sites which can cause problems for the victims. The first is phishing sites that steal credentials and the second is fraudulent sites that steal money.

In the first case, the lures usually come in the form of emails purportedly sent by leading online stores or popular e-commerce platforms, redirecting recipients to a fake login page.

German fake eBay site
German fake eBay site
Source: Kaspersky

The second case involves sites that have cloned real stores by copying their CSS and all content or just fake marketplaces that receive payments without sending anything to the buyer.

In some cases, these platforms send an empty envelope to victims, only to provide a valid tracking number and overdue reports that would allow hosts or authorities to remove them more quickly.

It also reduces the chances that PayPal payment disputes will prevent funds from ending up in scammers’ accounts and allow victims to get their money back.

Cloned site offering goods that will never be shipped.
Cloned site offering goods that will never be shipped.
Source: Kaspersky

How to stay safe while shopping online

Remember that you will see a lot of product discounts and sales promotions during the holidays. However, the chances that some of them are scams are higher than usual.

To protect yourself and your bank account, you should use an internet security solution from a trusted provider and always verify that you are on a legitimate site before entering your payment information.

If you come across an offer that sounds too good to be true, it is probably a scam even in the context of Black Friday.

Finally, if you can use electronic payments instead of credit cards, it would be better because of the less severe repercussions in the event of a data breach.

There are also single-use virtual cards with load limits, so if you want to play it safe while shopping at lesser-known stores, there are ways to do it.

If you need to pay with your bank account or card, verify that the correct amount has been debited and closely monitor all future transactions.


Comments are closed.