APT36, the hackers group linked to Pakistan, has enhanced ElizaRAT with advanced evasion techniques and new payloads.
Black Friday or Black Fraud Day?
Black Friday, once a single day of tantalizing retail deals, has transformed into weeks of sales and shopping extravagance, cementing its position as the year’s most anticipated shopping event. Yet, as consumer spending soars, so does cybercrime. The season of savings has become prime time for scammers, earning Black Friday the ominous nickname, “Black Fraud Day.”
The Dark Web’s perpetual Black Friday
B
lack Friday’s shadow looms far beyond November, with the dark web acting as a year-round marketplace for illicit activities. Even during off-peak months like April, searches for “Black Friday” and related terms spike on the dark web. For cybercriminals, the season of deals never ends. Black Friday is an ongoing opportunity, where “discounts” on stolen data, illicit goods, and hacked subscription services drive a bustling underground marketplace.
Cybercriminals meticulously prepare for months, targeting big retailers with keyword searches and devising attacks aimed at unsuspecting consumers and businesses.
Let’s look at some interesting facts about searches on large commercial platforms:
Amazon:
- Keyword searches jumped 45% in January, with smaller surges in May (15%) and March (13%).
- As a global retail giant, Amazon remains a favourite target for impersonation scams.
eBay:
- January saw a staggering 68% increase in eBay-related searches, followed by 46% in March and 19% in April.
- Cybercriminals exploit eBay’s trusted reputation to deceive buyers and sellers alike.
Target:
- Search activity peaked with a 41% rise in March, a 31% jump in January, and a 15% increase in April.
- These spikes align with periods of heightened consumer activity, making Target a lucrative fraud avenue.
Record-breaking sales, record-breaking scams: the hidden cost of convenience
Black Friday 2023 shattered sales records, with global online shoppers spending an astonishing $9.12 billion in a single day and total seasonal sales exceeding $40 billion, according to Salesforce. But this spending frenzy came with a darker side: a staggering rise in scams. Fraudulent websites mimicking legitimate retailers surged by 89% compared to 2022, tripling since 2021.
What’s driving this surge in scams? Advanced technology, particularly artificial intelligence.
As AI continues to drive innovation in legitimate industries, it simultaneously empowers cybercriminals to scale their operations, making scams more sophisticated and harder to detect. The convenience of online shopping now comes with hidden risks, demanding greater vigilance and robust protective measures from consumers.
Fraudsters are exploiting AI to craft highly convincing scams, from fake listings for sought-after items like luxury tech and clothing to AI-generated phishing campaigns and counterfeit websites that rival legitimate platforms in appearance. Social media and online marketplaces have become hotbeds for these schemes. Alarmingly, nearly 43% of fraud reports to Action Fraud (the national fraud and cybercrime reporting centre in the UK) stemmed from scams originating on social media, while 19% involved online marketplaces.
Telecom provider Three reported that nearly 3,500 scam-related messages inundated their network daily during Black Friday. Additionally, monthly scam reports since January 2023 have surged by an astonishing 170,000 compared to the previous year, highlighting the scale of this growing digital epidemic.
The UK National Cyber Security Centre (NCSC) revealed that UK shoppers lost over £11.5 million to scams during the Black Friday period in 2023—a significant increase of nearly £1 million from the previous year. These statistics underline the urgent need for consumers to remain vigilant and proactive in protecting themselves against cyber threats.
Shopping safely: practical tips for consumers
The threats are real, but they don’t have to ruin your shopping experience. By adopting a few simple habits, you can stay safe while enjoying the thrill of holiday deals:
- Scrutinize URLs: Avoid misspelled or unusual domains.
- Use strong passwords: Ensure unique, secure passwords for each account.
- Verify website security: Look for “https://” and a padlock icon in the browser.
- Be wary of unbelievable deals: If it’s too good to be true, it likely is.
- Prefer credit cards: They offer stronger fraud protection than debit cards.
- Enable Two-Factor Authentication (2FA): Add an extra layer of security.
- Ignore unsolicited messages: Verify offers through official channels.
A call to vigilance
Black Friday is more than a chance to snag deals—it’s a reminder of the growing cyber threats in the digital age. As scammers become more sophisticated, so must our defences. By staying informed and adopting safe online practices, you can shop smarter, avoid falling prey to scams, and truly enjoy the holiday season.
This year, shop with confidence and protect what matters most. Let Black Friday be a day of savings, not losses!