The Daily Swig Web security digest

Paint it Black: Threat actors taking advantage of holiday season retail frenzy

James Walker | 24 November 2017 at 16:32

From Black Friday to Cyber Monday, consumers have been warned to be on their guard against eCommerce malware.

Over recent years, Black Friday has transformed from an informal Thanksgiving shopping tradition to a multibillion-dollar retail extravaganza that sees consumers click and clamor their way to securing the best holiday season bargains.

Now, with more people than ever before poised to partake in the shopping frenzy that starts with Black Friday, continues with Cyber Monday, and rolls on through January, researchers have warned consumers to be aware of illicit actors targeting the eCommerce sector.

According to Adobe, $5.3 billion was spent online by the end of Black Friday in 2016, up 17% year-on-year. And from now until the end of the holiday season, online sales are expected to pass the $100 billion benchmark.

Of course, these staggering predictions have not escaped the attention of cybercriminals, leading one research house to warn that threat actors are looking to capitalize on our desire to find the biggest bargains by using the brand names of popular e-tailers to exploit user traffic.

According to a new report from RiskIQ, hundreds of fake mobile apps and landing pages – many of which use fraudulent branding to fool consumers into downloading malware or giving up their login credentials and credit card information – have been detected in the wild.

“In 2016, almost 40% of sales on what used to be a brick-and-mortar shopping weekend occurred on a mobile device over Black Friday and Cyber Monday, making shoppers increasingly at risk of encountering phishing pages, malicious apps, and viruses that infect their phones and tablets to mine sensitive data,” the San Francisco-based cybersecurity firm stated.

“Much of this potential damage comes from mobile apps built to fool users into entering credit card information, which opens them up to potential financial fraud.

“Some fake apps contain malware that can steal personal information or lock the device until the user pays a ransom,” the group added. “Others encourage users to log in using their Facebook or Gmail credentials, potentially exposing sensitive personal information.”

Using RiskIQ data centered around malicious applications, the group found that 4% of the 4,356 Black Friday-specific apps were blacklisted as malicious, while the top five eCommerce brands have blacklisted more than 1,451 malicious URLs aimed at spoofing consumers over the holiday season.

In an effort to educate bargain-hunters as the Black Friday sales commence, RiskIQ said consumers should ensure they only download apps from official stores, such as those offered by Apple or Google.

In addition, users should take a close look at each app, be wary that a supposedly good reputation can be generated by fake reviews, and steer clear of apps that ask for suspicious permissions, like access to contacts, text messages, or stored passwords.

“For shoppers, what starts out as an attempt to fulfill their holiday shopping checklist for pennies on the dollar can turn into a financial nightmare,” said RiskIQ. “For brands, what begins as an event that significantly boosts sales can turn into a security fiasco that erodes the trust between them and their customers and prospects.”