summit_logo2

Black Friday Shoppers Beware

SummitBizTech

Bogus retail sites, extreme discounts, busy hackers

The National Retail Federation expects 115 million physical shoppers to be out on Black Friday, and cyber crooks want a part of the action. Last year, researchers discovered nearly 20,000 URLs using the words “Black Friday” and promising huge discounts with links to malicious web pages. Along with the fake URLs, there were nearly 770,000 financial phishing attack attempts.

Black Friday scams include bogus high-end retailing websites that promise discounts on knock-off items, to malicious websites that steal your credit card and personally identifiable information.

The phishing emails disguise themselves as well known, trusted brands offering expensive merchandise at a much lower cost, knowing that people are looking for good deals and price wars. The information security site, Dark Reading, cites this ad from last year:

Bogus Ray-Ban 80% Discount Sale

This bogus Ray-Ban landing page link, www.rayban-outlet.us, showed up at the top of Google searches when Ray-Ban and Black Friday were entered as keyword searches. Once shoppers clicked, they were directed to a fraudulent, authentic-looking page that included user reviews. 

Avoid the Bait

How to avoid getting hoodwinked?  Here are some tips:

  • One clue the site may not be legit is to look at the URL. In this case, the website claimed to be the official Ray-Ban site, but the URL was www.rb6.us. Always doublecheck by conducting a search for the company using its full name.
  • Hover over any links to see if a different name or words come up, unconnected to the site you are visiting. For websites you visit frequently, save the real websites in your favorites and browse there to avoid ending up somewhere dangerous.
  • Watch out for a domain with a few extra words in its name. Past examples have included Amazonsecure-shop, Target-officialsite and Walmart-outlet.ga.
  • Watch out for misspellings: Walmaart, Yahooo, Amazonshop.gq, etc.

Social Media

On Twitter, cyber thieves use “URL shortening” services to disguise phishing URLs. As a result, a very short URL can be used to  redirect visitors to a longer “hidden” URL on Twitter.

Then there’s Facebook. The number and variety of scams are too many to list. For a glimpse, check out https://thehackernews.com/2017/10/facebook-link-spoofing.html.

More important, outsmart the cyber crooks. Become aware of their tricks to avoid them. The Summit Security Awareness Service goes beyond training to make security awareness an embedded habit. Also check out our “Phishgoggles” Twitter page to find out how to stay out of a cybercriminal’s sight – and have a happy holiday season!

Share:

Facebook
Twitter
LinkedIn
On Key

Related Posts

Beware of Holiday Scams!

With the Holidays Upon us, Criminals are at it Again As the holiday season approaches, we find that things get even busier and of course, that means we see more

4 Common Technology Budgeting Mistakes

Are you planning to include your IT needs in your annual budget this year? If so, congratulations! You are doing something incredible to ensure your small business’ success.  Budgeting for

Cybersecurity Scams: What To Look For

How To Recognize Phishing Scammers will try to obtain your passwords, account numbers, and social security numbers through your text messages, emails, or by any means possible. If they are

SBT_logo_w_trns
Facebook-f Twitter Linkedin Envelope

services

resources

Monthly Newsletter

SBT_logo_w_trns
Facebook-f Twitter Linkedin Envelope

services

resources

Monthly Newsletter