Hackers create fake websites, steal data around 'Black Friday' sales


New Delhi, Nov 26 (IANS): Threat actors are hosting websites for malicious campaigns centred around the Black Friday theme and e-commerce, cryptocurrency and travel are the top targets, a new report has revealed.

Researchers found cybercrime forums across various languages are rife with chatter about Black Friday.

While some actors are promoting their malicious services/campaigns, others are looking to avail them, according to CloudSEK researchers who also discovered an Ethereum giveaway scam website.

"Compromised personal identifiable information (PII) and banking credentials can be used to perform unauthorised transactions and social engineering attacks," they warned.

CloudSEK's contextual AI digital risk platform 'XVigil' discovered hundreds of Black Friday-themed domains registered and operational.

Common forms of attacks included the impersonation of legitimate websites, services for Google/Facebook ads, and the spread of malicious applications.

"Various elements come into play here, right from hosting a website to gaining critical information of victims by using different techniques. Threat actors are constantly looking for opportunities to siphon crucial data or money," said Rishika Desai, Cyber Threat Researcher, CloudSEK.

The finding showed that website cloning is a common technique used by hackers of all levels of sophistication to host fake instances of legitimate websites.

"The iconic Black Friday sale has become a global theme now where cybercriminals at every level and expertise try their best to launch malicious campaigns. Most of these campaigns misuse or impersonate popular brands and companies providing sales and services to cheat the public," Desai added.

The researchers advised to be aware of the freebies, attractive deals and seemingly suspicious third-party solutions.

 

  

Top Stories


Leave a Comment

Title: Hackers create fake websites, steal data around 'Black Friday' sales



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.