Fake Black Friday and Cyber Monday apps have been spreading online, as cyber criminals seek to cash in on the annual shopping bonanza.
A report from cyber security firm RiskIQ found that Black Friday is a “feast for threat actors,” with brand names of the five leading retailers used in malicious and fraudulent mobile apps.
These apps seek to fool people into sharing their login credentials or credit card details in the hope of finding the best Black Friday deals.
“For shoppers, what starts as an attempt to fulfil their holiday shopping checklist for pennies on the dollar can turn into a financial nightmare,” the report states.
“With more people than ever poised to partake in this year’s November shopping frenzy, attackers will capitalize by using the brand names of leading e-tailers to exploit users looking for Black Friday deals and coupons by creating fake mobile apps and landing pages to fool consumers into downloading malware.”
The potential financial rewards for cyber criminals are enormous, with figures from Adobe Digital Index revealing online shoppers spent $19.6 billion in 2017.
This year, hackers pose an especially significant risk given the rise of Magecart, a collection of credit card-skimming groups that have already targeted sites like British Airways and Ticketmaster.
“Magecart attacks are surging – RiskIQ’s automatic detections of instances of Magecart breaches pings us almost hourly,” RiskIQ researcher Yonathan Klijnsma wrote in a September report on Magecart.
“Meanwhile, we’re seeing attackers evolve and improve over time, setting their sights on breaches of large brands.”
RiskIQ detected an average of 89,837 monthly instances of Magecart between August and October 2018. Of Black Friday-specific apps, more than 5 per cent of the 4,331 apps analysed were found to be malicious.
The report did not list the retailers whose names were used in the scam apps, though it is likely they sought to capitalise on the popularity of firms like Amazon and eBay.
“The top-10 most trafficked brands averaged over 17 blacklisted apps containing both its branded terms and ‘Black Friday,’ in the title or description, showing clear intent by threat actors to leverage the shopping holiday,” the report states.