Holidays are around and so are online shopping scams.

What’s up?

The CISA issued an advisory warning online shoppers against scams ahead of the festive season. The agency has asked users to be careful of fraudulent websites impersonating legitimate sites, emails spoofing charities, and unencrypted financial transactions. Apart from CISA, Britain’s NCSC has posted guidelines for users to stay clear of Black Friday scams. 

What to expect

  • Phishing scams are anticipated to target a large volume of consumers. Whale-phishing scams are designed to target high-level individuals.
  • The easiest targets are mobile users who lack security awareness and device protection.
  • Online retailers should expect malicious automated attacks, API attacks, web attacks, account takeover attacks, and DDoS attacks. 

Some stats your way

  • Around 5,466 potential scam and phishing sites have been registered in November alone.
  • According to research by Cybernews, around 30% of online shopping sites are susceptible to BEAST SSL attack.
  • Smishing attacks have seen a surge of 13% this year, as compared to 2% in 2019.
  • As per research by AT&T, 35% of individuals use the same device for both professional and personal uses, while 24% of individuals are found to store sensitive information in unsanctioned cloud apps.

The bottom line

With our daily lives mostly based online, different scams have witnessed a surge. While we try to bask in the holiday spirit, cyber threats are never far away. Thus, our security focus should be on steering clear of online shopping scams as we brace for contactless shopping.

Cyware Publisher