By: Rubin Azad

Beware Of Phishing Attacks And Other Scams During The Thanksgiving Shopping Season

Thanksgiving Day is one of the major holidays celebrated in the United States on the fourth Thursday in November. The following Friday, referred to as Black Friday, marks the start of the Christmas holiday shopping season. Almost every retailer large and small offers huge discounts on Black Friday, often extending through the weekend and the following Monday, now known as Cyber Monday.
 
As we near Thanksgiving and the start of the holiday shopping frenzy, we’re observing a sharp increase in cyber scams and phishing activities targeting online shoppers. As shoppers look for the best deals available, cybercriminals are quick to take advantage of unsuspecting users.
 
Increase in online shopping transactions
 
Every year during this timeframe, we observe a noticeable spike in the total number of web transactions within the Shopping category. We have shared this trend in our previous blogs as well ([1],[2]).
 
Last year, we saw around 2.71% of all the web transactions categorized as Shopping and this year is no different. We currently see that 2.63% of total web transactions belong to the Shopping category and we expect this number to rise as we approach the end of the month. The following chart shows that the number of Shopping transactions has increased steadily throughout November.
 
 
 
Cyber Scams and Phishing attacks
 
The increase in shopping activity comes with an unwelcome increase in phishing attempts. Phishing is a well-known attack method, often used by attackers to steal sensitive information such as authentication credentials, credit card numbers, and personal information. We have already seen a large spike in phishing and spam activity specifically targeting Thanksgiving, Black Friday, and Cyber Monday events. The following graph shows the phishing transactions for this month that have been blocked by Zscaler:
 
[Graph: phishing transactions blocked by Zscaler this month]
 
We caution consumers to be extra vigilant this holiday season when shopping online. Here are some examples of phishing attempts that we have blocked:
 
Walmart phishing attempt:
 
[Screenshot: Walmart phishing attempt]
 
 
Amazon phishing attempt:
 
[Screenshot: Amazon phishing attempt]
 
eBay phishing attempt:
 
[Screenshot: eBay phishing attempt]
 
The motive behind these attempts is to steal sensitive user information, including personal credentials and financial data. Cybercriminals often use this stolen information for illicit activities that result in monetary gain.
 
More phishing sites targeting online retailers:
  • Ebay - hxxp://124[.]150[.]140[.]133/~ritenfad/viewitem/dll/88322933932/
  • Walmart - hxxp://ofertaswalmart[.]besaba.com
  • Walmart - hxxp://walmartfriday[.]net/
  • Amazon - hxxp://zekocase[.]com/._ama_c0nf1rm/info_bill/login.php
  • Amazon - 213[.]13[.]119[.]152/am/
 
Fake Black Friday/Cyber Monday/Thanksgiving related sites:
 
Sample of subjects used in spam e-mail messages targeting online shoppers:
 
  • Get Stylish-furniture At Discount
  • Checkout tire sales for Black Friday
  • Make the Most of Black Friday, with A New smart-phone
  • Brand name laptops on sale for BlackFriday
  • [Black Friday Starts EARLY]Saveup to 90% +FREE BonusItems!
  • Walmart One Day Specials BlackFriday
  • Shop Black Friday sales to upgrade furniture
  • Thanksgiving Specials and BlackFriday Discounts!
  • New Early BlackFriday Door busters are Added EveryDay
  • Shop Black Friday to find discounts on electronics
  • Search major Savings on laptops...On black-friday
  • Limited Time Black Friday Deal
  • 10% off Site-Wide. Get Your Black Friday Shopping Started Today!
 
How can online shoppers protect themselves?
 
Thanksgiving marks the start of the holiday shopping season, which continues until Christmas. The Zscaler ThreatLabZ team is working around the clock to ensure that our customers do not fall prey to such malicious activity.
 
We highly recommend that all online shoppers exercise extreme caution and follow our holiday season shopping security checklist:  
 
  • Inspect the source of emails with shopping deals
 
  • Ensure HTTPS/secure connections to online retailers and banking sites
 
  • Check the authenticity of the URL or website address before clicking on a link
 
  • Stay away from e-mailed invoices - this is often a social engineering technique used by cybercriminals
 
  • Do not use insecure public WiFi for shopping
 
  • Use two-factor authentication whenever possible, especially on sensitive accounts such as those used for banking

  • Always ensure that your operating system and web browser have the latest security patches installed
 
  • Use browser add-ons like Adblock Plus to block popups and potential malvertisements
 
  • Back up your documents and media files
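
The "check the authenticity of the URL" and "ensure HTTPS" items above can be partly automated for mail or proxy triage. The following is an added example, not Zscaler's detection logic: it flags the link traits described in this post (IP-literal hosts, a retailer's name on a host that is not the retailer's domain, seasonal lure keywords, executable downloads). The brand allowlist, the keyword list, the reason labels and the sample URLs are assumptions constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Assumption: brand keyword -> the retailer's real domain; extend for your own allowlist.
BRANDS = {"walmart": "walmart.com", "amazon": "amazon.com", "ebay": "ebay.com"}
LURES = ("blackfriday", "cybermonday", "thanksgiving")  # matched with separators stripped

# Constructed samples on reserved example names and documentation IP space.
SAMPLES = [
    "hxxp://192[.]0[.]2[.]10/~user/viewitem/ebay/",
    "hxxp://walmart-blackfriday[.]example/",
    "hxxp://dl[.]example[.]net/lm/thanksgiving.exe",
    "https://www.amazon.com/blackfriday",
]

def refang(url):
    """Undo hxxp / [.] defanging from threat reports so the URL parses."""
    url = re.sub(r"^hxxp", "http", url.strip().replace("[.]", "."), flags=re.I)
    return url if "://" in url else "http://" + url

def on_allowlist(host):
    """True when the host is a retailer's own domain or a subdomain of it."""
    return any(host == d or host.endswith("." + d) for d in BRANDS.values())

def triage(url):
    """Return the reasons a shopping-deal link deserves a closer look (empty = none found)."""
    parts = urlsplit(refang(url))
    host = (parts.hostname or "").lower()
    rest = (parts.path + "?" + parts.query).lower()
    reasons = [] if parts.scheme == "https" else ["no-https"]
    try:
        ipaddress.ip_address(host)
        reasons.append("ip-literal-host")
    except ValueError:
        pass  # host is a name, not an address
    for brand in BRANDS:
        # Brand word anywhere in the URL, but the host is not a retailer's own domain.
        if brand in host + rest and not on_allowlist(host):
            reasons.append(brand + "-name-off-domain")
    if not on_allowlist(host) and any(k in re.sub(r"[^a-z0-9]", "", host + rest) for k in LURES):
        reasons.append("seasonal-lure")
    if parts.path.lower().endswith((".exe", ".scr")):
        reasons.append("executable-download")
    return reasons

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", triage(sample) or "no flags")
```

Each returned label is a reason to inspect the link further, not a verdict; an empty list only means none of these heuristics fired.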
 
 
Wishing you all a very Happy Thanksgiving and don’t spend too much!

Credit for analysis: Rubin Azad, Uday Pratap Singh
