Critical Threat and Consumer Intel for This Year’s Holiday Shopping Season
RiskIQ, the global leader in attack surface intelligence, today released its annual Holiday Shopping E-commerce Blacklist threat report. The report unveils how cyber attackers are leveraging popular brands, weaknesses of the global pandemic, and unsafe consumer shopping habits to victimize consumers.
Read More: Bambuser: Premiere Of The Lobby Live, The First Studio Of Its Kind In Europe
This year’s report dives into RiskIQ’s Internet Intelligence Graph, repositories of correlated threat data compiled over ten years of crawling the web, to expose the e-commerce threat landscape during the busiest shopping period of the year and how threat actors target top-ten most trafficked e-commerce sites in the U.S. and U.K.
This year’s critical data includes:
- Of all apps that can be found by searching “Black Friday,” “Cyber Monday,” “Boxing Day,” or “Christmas,” 466 are blacklisted (unsafe to use) as malicious
- The top-10 most trafficked sites on Thanksgiving weekend have a combined total of 1,654 blacklisted apps that contain their branded terms in the title or description, totaling 82.7 per brand
- 7 domain infringement events across the top-10 most trafficked sites
- The average length of a Magecart breach is 22 Days
- RiskIQ detects a Magecart attack every 16 minutes
- Looking at five of the top-10 most trafficked sites in the U.S and U.K, we found 18,891 blacklisted URLs containing their branded terms or 945 per brand
Read More: Thales Reinvents The Way Identity Documents Are Checked With Its Double-Sided ID Card Reader
“This year’s bad holiday actors will capitalize by using the brand names of leading e-tailers, as well as the poor security habits of consumers,” said RiskIQ CEO Lou Manousos. “They’ll fool shoppers looking for shopping deals, sales, and coupons by creating fake mobile apps and landing pages.”
For shoppers looking to score great deals while filling out their holiday shopping list, one misinformed action can result in a malware infection, stolen personal data, or a hijacked credit card number. The report aims to educate consumers on the risky actions threat actors prey on and tips for avoiding becoming a victim.
For brands, what begins as an event that significantly boosts sales can turn into a security fiasco that erodes the trust of customers and prospects. By downloading the report, brands can better understand their vulnerabilities and work to anticipate how they’re being targeted through the holiday shopping season.
Read More: Siemens Smart Infrastructure Chooses AWS As Its Preferred Cloud Provider For SAP Environments