For many consumers, online shopping is the ideal way to avoid the typical clutter of stores and malls during Black Friday. However, as a Kaspersky report reveals, cybercriminals take advantage of the “marathon” discount season to attack the most unwary users not only through phishing attacks, but also by botnets that spread malware across all types of stores across the web. web.
In your review, the security firm's researchers found botnets aimed at capturing users' private information, in particular bank card data associated with their online store accounts. In all, experts found 15 different families of malicious software that targeted 91 websites and mobile e-commerce applications worldwide.
According to Kaspersky, stores that specialize in selling consumer goods, such as clothing, jewelry or toys, are the most attacked by malicious hackers. In all, 28 websites containing malware were found on pages in this category. In the top three are also entertainment platforms with 20 infected websites and travel platforms with 15.
The figures revealed by the company show changes in relation to the scenario presented in 2018, with an increase in the number of affected platforms. Last year cybercriminals were targeting only 67 websites. Kaspersky recorded over the three quarters of 2019 over 15 million botnet malware attacks. The figures presented show a 9% increase compared to 2018.
According to Kaspersky researcher Oleg Kupreev, “Even if there are no direct economic benefits, personal accounts contain a large amount of valuable information that can be used to reach target users, such as purchase history or related personal information, such as , for example, a shipping address. ” As the expert points out, there is a strong demand for data stolen from online clandestine markets and the information inevitably finds buyers.
During Black Friday's “shopping fever” Kaspersky recommends extra attention, even when the user already has appropriate antivirus software. Any websites that look suspicious, contain errors, or promise discounts that are too good to be true should be avoided, as should unfamiliar links that arrive via email or social media messages. Even on secure platforms, consumers should use payment methods that have multi-factor authorization.