Black Friday is over, but Cyber Monday is underway – and that means the most popular day for cyber-attacks is upon us. In fact, on Cyber Monday in 2013 and 2014, malicious attacks on online shoppers increased by 40% compared to other days.
Christopher Budd, the global threat communications manager of Trend Micro, stated that, “The attackers know that there are more people online, so there will be more attacks. Cyber Monday is not a one-day thing, it’s the beginning of a sustained focus on attacks that go after people in the holiday shopping season.”
Budd further added that cyber-attacks often target the season’s hot items. “If you’re reading about it in the mainstream press as far as what’s really hot this year, the hackers are too. Whatever the latest hot gadget is, that’s almost always going to be used as a spam or phishing or social media scam lure, and that’s something that has longevity through the shopping season.”
Budd pointed out that attackers will often send spam emails or hack social media posts advertising too-good-to-be-true deals.
Ryan Gerding, an EnigmaSoftware.com spokesperson, stated that, “Instead of going to Amazon.com, someone might go to Google and search ‘great deals on an Xbox One. There are bad guys who are particularly sophisticated and can make it so that pretty high up in the Google search results there might be a page that promises a ridiculously low price for an Xbox, and someone might click on that and in turn get an infection when they do.”
Gerding added that Cyber Monday marks the beginning of an annual focus change for cyber-attackers. He pointed out that, “The bulk of infections during the rest of the year that our customers get, quite honestly, comes because of them visiting adult websites and clicking on areas they probably shouldn’t. This time of year it seems as though a greater percentage are just folks that are trying to do some shopping.”
According to cybersecurity experts, one of the primary methods for cyber attacking is by using social media hacks to send website links through direct tweets, wall posts and messages that advertise online discounts. These types of attacks are successful because users generally trust recommendations that are posted or sent by friends – without thinking that their accounts could be hacked.
Norton security expert Kevin Haley stated that, “You can send out hundreds of thousands of emails, or you can get one person on social media [to click on a malicious link], and they end up infecting all of their friends. It goes on all their friends’ walls, and a small percentage of those people will click on it, and it cascades through very quickly.”
Additionally, since more people expect deliveries during the holiday season, hackers have another method of attack. Haley warned that, “You send out a set of spam emails that says ‘We had a package that we couldn’t deliver. If you want to find out the details, click on this attachment,’ pretending to be UPS or FedEx. It works because people really want to know about a package they weren’t expecting. Think about how effective that is during the holiday season, when people are getting lots of packages delivered to their door.”
If online shopping this season, be vigilant, check your accounts and keep your virus protection software up to date!