sb-eu logo
Story image

Black Friday alert: Financial botnets targeting e-commerce apparel sites

26 Nov 2019

In the wake of the upcoming Black Friday sales period, cybercriminals are targeting customers of apparel e-commerce websites, including fashion, shoes, gifts, toys and jewellery.

Consumers looking for deals in these areas during the upcoming weeks are advised to be careful when making online purchases.

These are the key findings of a Black Friday Alert 2019: Net Shopping Bag of Threats, prepared by Kaspersky experts, to evaluate what risks consumers may face during the holiday sales season.

Black Friday is arguably the most anticipated retail sales period in the world when brands offer consumers the largest discounts and promotional offers.

At the same time, cyber-fraudsters also consider this period fruitful, to lure people in to fraudulent schemes and steal their money.

To understand the extent of fraudsters’ activity, Kaspersky researchers analysed Black Friday threats, including the activities of botnets that distribute banking Trojans – malware aimed at stealing users’ credentials and financial data.

Botnets are networks of computers infected with malware.

Depending on the will of the botnet owner, the malware may download additional malicious modules to use for other purposes.

Kaspersky tracks the activity of multiple botnets and is able to learn when a particular one is being changed and new abilities added.

Recently, Kaspersky researchers observed botnets made of computers infected with malware aimed at intercepting users’ credentials to gain access to leading e-commerce websites and subsequently (in some cases) bank card details, attached to user accounts in particular e-shops.

Kaspersky found 15 malware families that were targeting a total of 91 consumer e-commerce sites and mobile apps across the world.

Of those, consumer goods - such as clothing stores, jewellery and toys - appear to be the key focus of financial botnets operators this season, with 28 websites from this category part of the malware families mentioned above.

This was followed by the entertainment segment, including movies, music and games (20 sites targeted).

Users of e-commerce brands dealing with the travel industry, such as transportation tickets retailers, taxi services and hotels are also in the list of top sites targeted, with 15 popular websites.

Last year the situation was different: the total number of targeted brands was lower at just 67, while the top of the most ‘hunted’ brands was led by consumer apparel, entertainment and consumer electronics websites.

This year, only two websites from the latter category were identified as targeted by one of 15 malicious families.

“The growing interest of cybercriminals in getting users credentials of e-commerce brands is easy to understand. In some cases, there are credit card details or loyalty program card details linked with these accounts and getting access to an e-shop account of a user would also mean access to their money.

“And even if there is no direct financial gain, personal user accounts contain a lot of valuable information that could be used to further target users, such as purchase history or personal information related to a delivery address etc. Such information is highly valued in the underground market and will inevitably find a buyer.

“However, the good news for consumers is that through simple precautionary measures and remaining vigilant, they can stay safe,” says Kaspersky security researcher Oleg Kupreev.

To stay safe during the Black Friday period, Kaspersky recommends shoppers:

  • Avoid purchasing from websites that appear suspicious or flawed, no matter how great their Black Friday deals are
  • Don’t click on unfamiliar links you receive in emails or social media messages, even from people you know, unless you were expecting the message
  • Double-check the email address of the sender. If it is not the official brand’s website domain, do not click on the link
  • Chose payment processing services that use multifactor authorization of purchases, if available
  • Use a dedicated security solution on your device
Story image
Interview: Acronis co-founder on going all-in for DLP
Data-loss prevention (DLP) strategies are a cornerstone of wider cybersecurity ecosystems, especially to counter the risks of remote working. Acronis co-founder Stas Protassov explains its significance and why it acquired a DLP powerhouse.More
Story image
Internet outages drastically increased during COVID-19 lockdowns, report finds
Global internet disruptions increased 63% in March, with internet service providers hit the hardest. This is according to the 2020 Internet Performance Report from ThousandEyes, the internet and cloud intelligence company.More
Story image
Data breaches costing companies millions - could incident response help?
On average, data breaches cost companies $3.86 million per breach, with compromised employee accounts the most expensive root cause.More
Story image
Fortinet reports total revenue of $615.5 million
Strong demand for secure SD-WAN and work-from-home capabilities helped power 18% second quarter revenue growth. More
Story image
Malware attacks abusing machine identities grew eightfold over the last 10 years - report
"Machine identity capabilities have become commoditised and are being added to off-the-shelf malware, making it more sophisticated and harder to detect."More
Story image
Adobe, IBM and Red Hat partner up to accelerate DX and real-time data security
"As companies undergo their digital transformations and move core workloads to the cloud, the entire C-suite is facing a re-framing of their roles to meet customer demands – all while keeping security front and centre."More