With the end-of-year 2019 Black Friday and Cyber Monday sales behind us, the company Adobe Digital Insights analyses the, yet again, record-breaking numbers of online transactions. North American consumers alone spent 7.5 billion dollars online on Black Friday. The figures for Cyber Monday are even higher, accounting for nearly 30 billion dollars of consumer spending.
Yet, amidst all the Christmas-shopping enthusiasm, some of the deals seem too good to be true. An email promotion, for example, was offering 80% discounts on designer sunglasses. An offer like that can be hard to refuse, and purchase required just a simple click on the link. But it was all just a scam. The email address, the website, the links; they were all fake. And that’s just one of many. This type of fraud is now so commonplace that experts advise against clicking on any links promoted by emails altogether.
In a new report, published on the 26th of November 2019, investigators from leading cybersecurity firm Check Point warned of the growing risk of cybercrime during the Christmas period and concluded that changes must be made to the way we shop online.
According to their research, November 2018 saw a significant increase in phishing emails. A year later, the situation is notably worse. When Check Point compiled their report in mid-November 2019, even prior to the peak shopping dates of Black Friday and Cyber Monday, the amount of e-commerce related phishing websites had more than doubled, by up to 233%. A week after the Christmas holidays, that figure had increased to 275%. It should be pointed out that 2018 saw a tremendous increase in phishing emails during the Christmas period, but in 2019, there were almost three times as many.
The total 2019 Christmas shopping spending for the United States amounted to 144 billion dollars, a 14% increase on the 2018 figure. And this sizeable spend took place between the end of November and the Christmas holidays. Of this figure, some 30 billion dollars were spent on Cyber Monday. And this is why Cyber Monday presents an almost unmissable opportunity for cybercriminals.
Investigators warn of how easy it is to disguise scams in bogus emails, text messages and social media posts. In this context, adds Check Point, it’s incredibly easy to obtain credit card details or take payment through PayPal without ever sending the supposedly purchased goods. The first step is to lure consumers by creating a domain that plausibly impersonates a legitimate shopping site. Many appear to be secure HTTPS addresses, and they load a long URL with legitimate text.
Some fraudulent campaigns are sent out to thousands of potential consumers through infected computers which act like bots, sending emails from diverse global locations to evade spam filters. Investigators noted that during the last six months of 2019 alone, more than 1,700 domains which look similar to the official Amazon website were registered.