Phishing attacks targeting e-payment systems have more than doubled amid the Black Friday season, according to a report by cybersecurity firm Kaspersky.
“The sales season attracts the attention of shoppers and retailers; however, it is also a favorite of cybercriminals who do not hesitate to cash in on online shoppers by creating fake pages mimicking the biggest retail platforms and e-payment systems,” Kaspersky said in an official release.
In 2021, the total number of financial phishing attempts targeting e-payment systems more than doubled from September (627,560) to October (1,935,905), marking a 208 per cent increase.
There also has been a rise in the number of spam letters detected by Kaspersky’s products. The firm’s products spotted a host of spam emails containing the words ‘Black Friday’ being spotted during the month (October 27 to November 19).
“Indeed, this year we have seen the introduction of new payment systems in various countries due to their unmatched convenience. As consumer adoption has skyrocketed, fraudsters started to actively exploit such systems as a lure to spread malicious activity,” it said.
During the first ten months of 2021, Kaspersky products detected more than 40 million phishing attacks targeting e-commerce and e-shopping platforms, as well as banking institutions. Kaspersky researchers didn’t observe the typical seasonal trends for phishing related to online shopping such as significant influx of phishing pages with too good to be true sale offers or growth of retail-related scam.
Researchers have also analysed which popular platforms were used as bait to spread phishing pages. As per the results, Amazon was consistently the most popular lure used, when looking at the total number of phishing attempts using its name. For the majority of 2021, the second most popular was eBay, followed by Alibaba and Mercado Libre.
“We always witness intensified scamming activity amid the Black Friday season. Perhaps a bit more unexpected is the attention being paid to e-payment systems. This time, we discovered a huge increase by 208 per cent in a number of attacks mimicking the most popular payment systems. Of course, every new payment application is seen by scammers as a new opportunity to potentially exploit users,” said Tatyana Shcherbakova, a security expert at Kaspersky.
“So, in order to protect your data and finances it will be a safe practice to make sure the online payment page is secure: you’ll know it is if the web page’s URL begins with HTTPS instead of the usual HTTP and an icon of a lock will also typically appear beside the URL,” added Shcherbakova.