Skip to content
NGTEdu Logo

NGTEdu

A PRODUCT OF NGTECH.CO.IN

NGTEdu Logo

NGTEdu

  • Home
  • Cyber Attacks
  • Malware
  • Vulnerabilities
  • Data Breach
  • Home
  • Cyber Attacks
  • 5 Digital Threats to Watch Out for on Black Friday and Cyber Monday
  • Cyber Attacks
  • Data Breach
  • Malware

5 Digital Threats to Watch Out for on Black Friday and Cyber Monday

5 years ago David Bisson
5 Digital Threats to Watch Out for on Black Friday and Cyber Monday

Widely regarded as the official start to the Christmas shopping season, Black Friday and Cyber Monday are exciting because many retailers announce limited-time sales that promise huge savings to die-hard consumers. Not even the pandemic looks like it will dent consumers’ enthusiasm. In September 2020, for instance, Bloomberg shared research from Deloitte that holiday spending was expected to increase between 1% and 1.5% largely because of e-commerce shopping. Reuters wrote a month later that U.S. online spending during the holidays would likely increase by 33% to $189 billion due to a flood of early promotions from retailers.

In their fervor to save money and score big, however, some shoppers don’t take the necessary precautions to protect their personal and financial data. Attackers are well aware. They use various means to abuse this excitement and prey upon holiday shoppers.

The problem is that many people aren’t familiar with these types of attacks. Indeed, 60% of information security professionals told Tripwire in a Twitter poll in 2019 that they don’t think their non-infosec friends and family could spot an email scam. Even more than that (84%) said there’s not enough digital security awareness among the public around the holidays.

All of us at The State of Security want everyone to stay happy, safe and digitally secure for the holidays. Towards that end, let’s discuss some digital threats that shoppers need to watch out for on Black Friday and Cyber Monday. We’ll also highlight some security best practices that consumers can use for the holiday shopping season.

1. Phishing Attacks

In a phishing attack, a bad actor tries to trick you into doing something you wouldn’t ordinarily do like clicking on a suspicious link for a Black Friday or Cyber Monday sales deal. Phishing links commonly lead to fake login pages that prompt you to authenticate yourself on one of your web accounts. You might think you’re logging into your Amazon account, for instance, but that’s not the case. You’re actually just handing your username and password over to an attacker, details which the malicious actor can abuse later.

To protect against a phishing attack, you should exercise caution around the links you receive from people whom you don’t know. You should also always verify the legitimacy of a web page’s domain before attempting to sign in with your login credentials.

2. Financial Malware

Sometimes a phishing email doesn’t come with a link. Sometimes it comes with a malicious attachment. Yes, it may profess itself to be a special Black Friday announcement, but it could just contain an image and some malicious macros.

If you decide to enable content, you could unknowingly install malware onto your device. Those programs can then steal your banking credentials using fake login pages. Alternatively, they could log all of your keystrokes including some of your other account credentials.

You can protect yourself against financial malware by installing an anti-virus solution onto your computer and keeping it up to date. Admittedly, many of those products are limited in their effectiveness because they are signature-based. Still, they do provide some protection.

You should also enable two-factor authentication on your accounts. Doing so will help prevent attackers from accessing your accounts even if they make off with your username and password.

3. Online Scams

Black Friday and Cyber Monday scams come in many forms. Some tell you that you have a package waiting for you at the post office. Another says it’s giving away unbelievable coupons for a well-known retailer. Others still offer refunds for Black Friday or Cyber Monday purchases. Regardless of the form they take, all Black Friday and Cyber Monday scams are meant to trick you into forfeiting your personal and/or financial data. Attackers can then abuse that information to commit credit card fraud or to steal your identity.

Scams try to lure you in with what you want to hear. With that said, if an offer seems too good to be true, it probably is. If you have any doubt, contact the company making the offer directly and confirm whether the deal is legitimate.

4. ATM Skimming

Black Friday and Cyber Monday shoppers oftentimes withdraw money from the ATM when they’re out at the mall. Unfortunately, those machines are susceptible to their own share of digital attacks. One of the most prevalent methods is ATM skimming, an attack where actors affix small electronic devices to an ATM that helps them steal unsuspecting people’s credit and debit card information.

The attack usually consists of two parts: a skimmer that copies the information stored on your payment card and a camera that watches you enter your PIN. Don’t forget that attackers can get very crafty when it comes to deploying skimmers and hidden cameras. This makes it hard to defend against an ATM skimming attack.

In general, if you know you’re going to be doing some shopping that day, try to use an ATM that’s located inside your bank instead of one that’s outside and therefore vulnerable to tampering. If you need to use a public ATM, shield the keypad when you enter your PIN and look for anything that seems out of place on the terminal before swiping your card.

5. Device Theft

In the rush of a Black Friday and Cyber Monday shopping spree, people sometimes don’t keep track of their personal items. For instance, you might be looking at a new TV and forget to pick up your device when they leave the store. That’s bad news, especially if an actor with bad intentions picks it up.

Those actors can potentially use the device to change the login credentials on any of your accounts. They could also steal your photos, contacts and messages for the purpose of committing identity theft, extortion or a whole slew of secondary attacks.

Fortunately, you can protect your phone against device theft by implementing one of the pre-programmed locking mechanisms on your device. You should also activate a feature like Find My iPhone for iOS that helps you to remotely track and/or wipe your device if you misplace it.

Black Friday & Cyber Monday Risks from a Business POV

Shoppers can take several precautions, including those explained above, to make it harder for attackers to target their personal and financial information on Black Friday and Cyber Monday. Not all of these steps can help businesses to protect themselves around the holiday season, however. That’s unacceptable given the fact that 58% of businesses don’t step up their own security practices around the holidays, as Tripwire learned in its poll last year.

In anticipation of increased cyber-attacks, does your company step up security practices, including employee training, during the holiday shopping season? 🛒🛍️🛒🛍️🛒

— Tripwire (@TripwireInc) November 15, 2019

Tim Erlin, VP of Product Management & Strategy at Tripwire, puts the holidays’ risks facing businesses into perspective for us:

Because it’s a busier time and more money is flowing through their systems, attackers will be more likely to target businesses with the hope that the surge in transactions will serve as a smokescreen.

In particular, ransomware and other types of malware are a concern for businesses around this time of the year. Cybercriminals that are targeting businesses ultimately just want the organization to pay the ransom, which can be avoided by having good incident response measures and secure, up-to-date backups in place.

Given those risks, businesses should balance their investments in security awareness training for employees with those in robust security measures that can help to scan their systems for suspicious activity. Learn how Tripwire’s solutions can help in that regard.

The post ” 5 Digital Threats to Watch Out for on Black Friday and Cyber Monday” appeared first on TripWire

Source:TripWire – David Bisson

Tags: COVID-19, Finance, iPhone, Malware, Phishing, Ransomware, TripWire

Continue Reading

Previous Critical Unpatched VMware Flaw Affects Multiple Corporates Products
Next Tesla Hacked and Stolen Again Using Key Fob

More Stories

  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Iran-Linked RedKitten Cyber Campaign Targets Human Rights NGOs and Activists

2 days ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Mandiant Finds ShinyHunters-Style Vishing Attacks Stealing MFA to Breach SaaS Platforms

2 days ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Malware

CERT Polska Details Coordinated Cyber Attacks on 30+ Wind and Solar Farms

2 days ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Researchers Uncover Chrome Extensions Abusing Affiliate Links and Stealing ChatGPT Access

3 days ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

China-Linked UAT-8099 Targets IIS Servers in Asia with BadIIS SEO Malware

3 days ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Malware

Ex-Google Engineer Convicted for Stealing 2,000 AI Trade Secrets for China Startup

3 days ago [email protected] (The Hacker News)

Recent Posts

  • Iran-Linked RedKitten Cyber Campaign Targets Human Rights NGOs and Activists
  • Mandiant Finds ShinyHunters-Style Vishing Attacks Stealing MFA to Breach SaaS Platforms
  • CERT Polska Details Coordinated Cyber Attacks on 30+ Wind and Solar Farms
  • Researchers Uncover Chrome Extensions Abusing Affiliate Links and Stealing ChatGPT Access
  • China-Linked UAT-8099 Targets IIS Servers in Asia with BadIIS SEO Malware

Tags

Android APT Bug CERT Cloud Compliance Coronavirus COVID-19 Critical Severity Encryption Exploit Facebook Finance Google Google Chrome Goverment Hacker Hacker News High Severity Instagram iPhone Java Linux Low Severity Malware Medium Severity Microsoft Moderate Severity Mozzila Firefox Oracle Patch Tuesday Phishing Privacy QuickHeal Ransomware RAT Sim The Hacker News Threatpost TikTok TripWire VMWARE Vulnerability Whatsapp Zoom
Copyright © 2020 All rights reserved | NGTEdu.com
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Read More here.Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT