Black Friday and Cyber Monday, which come right after Thanksgiving Day, are two of the most popular days for shopping online, with retailers offering big discounts and deals to capitalize on the holiday season.
While many shoppers are on the lookout for Black Friday and Cyber Monday deals, cyber criminals are creating malicious apps to steal from these eager buyers on the annual shopping bonanza.
If shoppers are willing to take risks for discounts, thieves are ready to take advantage. A report from cyber security firm RiskIQ found that Black Friday is a “feast for threat actors,” with brand names of the five leading retailers used in malicious and fraudulent mobile apps.
“With the staggering amount of money spent by consumers each year over the Black Friday weekend, it’s no surprise that we detected so much threat activity,” Yonathan Klijnsma, a head researcher at RiskIQ, said in an email. “While we can’t tell exactly how successful these malicious apps and landing pages are, the fact that we see them spun up every year indicates that they’re working.”
These apps seek to fool people into sharing their login credentials or credit card details in the hope of finding the best Black Friday deals.
The potential financial rewards for cyber criminals is enormous, with figures from Adobe Digital Index revealing online shoppers spent $19.6 billion in 2017.
This year, hackers pose an especially significant risk given the rise of Magecart, a collection of credit card-skimming groups that have already targeted sites like British Airways and Ticketmaster.
There’s no reliable way to track how much this type of fraud costs consumers and the economy, but security experts agree that it’s a growing problem and that malicious apps are a somewhat new phenomenon under the broader heading of cyberfraud.
Basic precautions you can take to avoid cyber theft on Black Friday
While a discount is always exciting, online shoppers should be cautious of offers that are too far below the market price. These types of deals can indicate an untrustworthy deal.
- If you’re going to shop online, watch out for scams and fake websites.
- Avoiding deals coming in via email. Access store’s website directly.
- Download apps from official app stores like Google Play and Apple’s App Store.
- Be wary if a shopping app asks for access to contacts or passwords.
- Look for misspellings and odd phrasing in the app’s description.
- Don’t trust the reviews. It’s easy to forge good ones.
- Do a spot check on the app’s developer. If you don’t recognize the name, do a Google search to see whether it’s legit