Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Dark Side of Deals: Emerging Scams for Black Friday, Cyber Monday and Giving Tuesday

    Javvad-Holiday-2022-SMAs the holiday shopping season kicks into high gear, cybercriminals are gearing up too. This year, alongside the usual suspects, we're seeing some crafty new scams, so let’s take a look at some of the ones you should be most careful of during Black Friday, Cyber Monday and Giving Tuesday.

    AI-Generated Fake Reviews
    AI has allowed scammers to flood product pages with well-written and convincing fake reviews of products. This can lead to boosted ratings of products which may not be of good quality, or may not even exist at all. 

    Tip: Look for verified purchase reviews and be wary of products with sudden spikes in positive feedback.

    Deepfake Influencer Endorsements
    We’ve seen criminals use deepfake technology to create fake video endorsements or promote get rich quick schemes. Be careful if you see your favorite influencer pushing a particular product, especially if it’s for a lesser-known brand. 

    Tip: Cross-reference endorsements on the influencer's official social media accounts.

    Flash Sale Phishing
    Time-pressured "flash sales" are often used to rush consumers into providing personal information or downloading malicious apps or files. Almost all scams have a level of time-pressure associated with them, but during this period, “buy now or lose the deal forever,” is most common. 

    Tip: Always verify the sender's email address and avoid clicking on links in unsolicited emails.

    Fake Tracking Notifications
    With so many purchases being made it can be difficult to remember or keep track of all the deliveries. This is why criminals will often send a fake tracking SMS which takes unsuspecting victims to malicious websites or apps that can steal personal or financial data. 

    Tip: Only use official carrier apps or websites for tracking.

    Crypto Payment Scams
    Some fake stores are offering "exclusive discounts" for cryptocurrency payments, only to disappear with your digital coins.

    Tip: Stick to reputable retailers and traditional payment methods.

    Disaster Relief Scams
    Fraudsters are quick to exploit current events, setting up fake relief funds for recent disasters. Be particularly vigilant about this around GivingTuesday as cybercriminals will use it to set up related scams.

    Tip: Donate directly through well-known organizations rather than responding to unsolicited appeals.

    General Tips to Stay Cyber Secure

    • Use credit cards for online purchases, as they typically offer better fraud protection than debit cards
    • Set strong and unique passwords for accounts, use a password manager if possible
    • Enable two-factor authentication wherever available, especially email and banking
    • Keep your devices and software up to date with the latest patches or software updates
    • Monitor your bank and credit card statements regularly for any suspicious activity
    • Be skeptical of deals that seem too good to be true — they usually are

    Remember, while the holiday season is a time for giving and getting great deals, it's also prime time for scammers. Stay vigilant, ask yourself if a communication is expected, if it invokes an emotional response and tries to pressurize you with time-limited offers. 

    Happy (and safe) shopping!

     

     

    Return To KnowBe4 Security Blog

    Will your users respond to phishing emails?

    KnowBe4's Phishing Reply Test (PRT) is a complimentary IT security tool that makes it easy for you to check to see if key users in your organization will reply to a highly targeted phishing attack without clicking on a link. PRT will give you quick insights into how many users will take the bait so you can take action to train your users and better protect your organization from these fraudulent attacks!

    PRT-imageHere's how it works:

    • Immediately start your test with your choice of three phishing email reply scenarios
    • Spoof a Sender’s name and email address your users know and trust
    • Phishes for user replies and returns the results to you within minutes
    • Get a PDF emailed to you within 24 hours with the percentage of users that replied

    Go Phishing Now!

    PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

    https://www.knowbe4.com/phishing-reply-test

    Topics: Phishing

    Javvad Malik

    ABOUT JAVVAD MALIK

    Javvad Malik is the Lead Security Awareness Advocate at KnowBe4 and is based in London. Malik is an IT security professional with over 20 years of experience as an IT security administrator, consultant, industry analyst and security advocate. He is also a multi-award winner and is currently a Guinness World Records holder for the most views of a cybersecurity lesson on YouTube in 24 hours.

    Read more from Javvad »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews