The number of potential e-commerce phishing domains registered in the first nine months of 2019 is more than six times the amount registered during the same period in 2016, a report from NormShield has found. The researchers looked at fifty major e-commerce companies and identified more than 6,000 domains that will likely be used for phishing attacks impersonating those companies. That’s 11% higher than the phishing domains registered in the first nine months of 2018.
NormShield expects the total number of phishing domains registered this year to surpass 9,000, since there’s always an increase during the holiday season. Additionally, the researchers note that 30% of these phishing domains possess a valid certificate, compared to just 11% last year. These sites are designed to convincingly imitate the login pages of real companies.“Hackers don’t always copy a complete website to execute phishing fraud,” NormShield’s report says.
“They also use social engineering, credential-based landing pages, or use individual brand images and
elements to create fake deals while impersonating ecommerce sites like Amazon....Consumers are
primed to receive an overwhelming number of emails throughout the holiday season. Hackers are
counting on consumers falling for their fake offers hidden in plain sight among real ones ”
Everyone who uses the Internet will eventually encounter these scams, and they’ll likely fall for one if
they don’t know what to look for. New-school security awareness training can help your employees
exercise vigilance and avoid falling victim to these attacks.
NormShield has the story: https://www.normshield.com/white-paper/the-state-of-e-commerce-