We have been warning against these types of scams for years and the bad guys are at it again. The team at RiskIQ summarized it pretty well this time:
"Ever the opportunists, threat actors set up their operations where the money is; and in the case of the Black Friday and Cyber Monday phenomena, it’s e-commerce. According to Adobe Digital Index, in 2017, online shoppers stuffed e-commerce cash registers with more than $19.6 billion in sales through the Black Friday weekend—a more than 15 percent increase over 2016.
"With more people than ever poised to partake in this year’s November shopping frenzy, attackers will capitalize by using the brand names of leading e-tailers to exploit users looking for Black Friday deals and coupons by creating fake mobile apps and landing pages to fool consumers into downloading malware, using compromised sites, or giving up their login credentials and credit card information."
I suggest you send this reminder to your users. Feel free to edit, copy/paste:
"It's Holiday Season for the bad guys too! But not the way you might think. They go into scam-overdrive mode. Black Friday and Cyber Monday are the busiest online shopping days and they are out to get rich with your money. So what to look out for?
- At the moment, there are literally thousands of fake sites, looking just like the real thing. Don't fall for it. Make sure the site you go to is the real one. Type in the address or use your bookmark, do not click on links in emails with special offers. And while we're at it...
- Watch out for alerts via email or text that say you just received a package from FedEx, UPS or the US Mail and then ask you for some personal information. Don't enter anything.
- Don't download fake mobile apps that promise big shopping savings, and be very wary of online discount coupons. Think Before You Click!
So, especially now, the price of freedom is constant alertness and willingness to fight back. Remember to only use credit cards online, never debit cards. If you think you might have been scammed, stay calm and call your credit card company, nix that card and get a new one. Happy Holidays!"
The folks at RiskIQ have a great overview that shows all the holiday shopping risks this year. Here is the download. (PDF) They specifically warn against domain infringement:
"Domain infringement targeting brands, employees, and customers is a prolific, effective tool in the hands of attackers and has only grown worse in recent years due to the opening of thousands of new gTLDs, the growth of free and cheap domain registration services, and attack techniques like domain shadowing.
Because corporate attack surfaces are changing, threat actors are also changing their methods. Since business has moved many critical financial and data transactions beyond the firewall to the open internet, attackers are following suit, directly scamming end-users with high-volume phishing campaigns against consumers or targeted spear-phishing campaigns attempting to fool corporate employees.
These attacks are cheap to execute, and they are proving to be incredibly efficient in breaching sensitive data—a recent query of the branded terms of 20 Fortune 100 companies in RiskIQ’s domain infringement detection revealed 37,000 probable instances of domain infringement over a two-week period or 1,850 incidents per brand."
Find out if your own domain has an evil twin with the brand-new Domain Doppelgänger tool
Phishing is still the most widely used cyber attack vector, and criminal attack campaigns often use spoofed websites to deceive your users so they simply allow the bad guys to take over your network.
Since look-alike domains are a dangerous vector for phishing and other social engineering attacks, it’s a top priority that you monitor for potentially harmful domains that can spoof your domain.
Better yet, with these results you can now generate an online assessment test to see what your users are able to recognize as “safe” domains for your organization. You then receive a summary of the test results to understand how security-aware your users are when it comes to identifying potentially fraudulent or phishy domains.
With Domain Doppelgänger, you can:
- Search for existing and potential look-alike domains
- Get a report with aggregated results that includes risk indicators, and
- Generate an online “domain safety” quiz based on the results to administer to your end users
This is a complimentary tool and will take only a few minutes. Domain Doppelgänger helps you find the threat before it is used against you.
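To show what the look-alike monitoring described above actually enumerates, here is a small added example in Python; it is not the Domain Doppelgänger tool's own code, and the brand domain, substitution table and "observed" domain list are constructed for illustration.

```python
# Added example: enumerate plausible look-alike registrations for a brand
# domain and flag any that turn up in a feed of observed domains (for
# instance from certificate transparency or passive DNS). Constructed data.
HOMOGLYPHS = {"o": ["0"], "l": ["1", "i"], "i": ["l", "1"], "e": ["3"],
              "a": ["4"], "s": ["5"], "m": ["rn"], "w": ["vv"], "d": ["cl"]}
TLDS = ["com", "net", "org", "shop", "store", "co"]
# Constructed sample feed; mixed case on purpose to exercise normalisation.
OBSERVED = ["example.com", "examp1e.com", "exmaple.com", "example-deals.shop",
            "exarnple.net", "shopping-news.com", "EXAMPLE.CO"]


def lookalike_candidates(domain):
    """Return the set of look-alike domains for `domain` (e.g. 'example.com'),
    excluding the genuine domain itself."""
    label, _, _tld = domain.lower().partition(".")
    variants = set()
    # 1. omission: one character dropped
    for i in range(len(label)):
        variants.add(label[:i] + label[i + 1:])
    # 2. transposition: two adjacent characters swapped
    for i in range(len(label) - 1):
        variants.add(label[:i] + label[i + 1] + label[i] + label[i + 2:])
    # 3. homoglyph: one character replaced by a visually similar sequence
    for i, ch in enumerate(label):
        for sub in HOMOGLYPHS.get(ch, []):
            variants.add(label[:i] + sub + label[i + 1:])
    # 4. seasonal padding of the real label, as seen in holiday deal lures
    for suffix in ("-deals", "-blackfriday", "-coupons"):
        variants.add(label + suffix)
    # every variant, and the real label, under every TLD we care about
    labels = variants | {label}
    candidates = {f"{lbl}.{tld}" for lbl in labels for tld in TLDS}
    candidates.discard(domain.lower())
    return candidates


def flag_lookalikes(domain, observed):
    """Return the observed domains that match a generated look-alike, sorted."""
    cands = lookalike_candidates(domain)
    return sorted(d.lower() for d in observed if d.lower() in cands)


if __name__ == "__main__":
    for hit in flag_lookalikes("example.com", OBSERVED):
        print("look-alike observed:", hit)
```

Candidate lists grow quickly with label length and TLD count, so in practice the generated set is compared against a feed rather than resolved one by one.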