In the last few weeks, tens of thousands of potential scams involving brand names have been discovered, cybersecurity firms are warning.
ZeroFOX identified 61,305 potential scams between Nov. 1 and Nov. 20, according to a report that focused on 26 brands, including names like Samsung, Microsoft, Sony and Tiffany.
In a separate report, Check Point said that more than 1,700 domains, which look similar to the amazon.com domain have been registered in recent months. The sites, such as “amaz0n-jp[.]com,” are meant to mimic legitimate sites.
BEWARE OF BLACK FRIDAY EMAIL SCAMS, SAY EXPERTS
And in the first half of November, the use of e-commerce phishing websites has more than doubled since last November’s peak, up by 233 percent, Check Point said.
The goal, like all scams, is to trick shoppers to input personal information in order to steal credit card data.
The lure is fake gift cards or discounts and even charity-giving, ZeroFOX said.
‘DONALD TRUMP SCREEN OF DEATH’: PRESIDENT’S LIKENESS USED AS RANSOMWARE BAIT
Keywords like “coupon” or “deal” or “free” are used to get shoppers’ attention. Then there is a “call to action” to try to get the victim to log in or verify an account, purportedly to get the reward, according to ZeroFOX.
Scammers are active on social media with hashtags such as “#blackfriday” or “#cybermonday” or “#giveaway.”
“This makes these posts more likely to be shown to social media users, based on the social platform’s algorithms, and also makes them searchable,” ZeroFOX said.
HACKERS ARE DRAINING ATMS ACROSS THE US
“Similarly, scammers may leverage fake accounts to like and share or retweet these scam posts, giving them more legitimacy,” the cybersecurity firm added.
The bad guys also use Google Chrome extensions – small software programs that you install to customize how you browse – to spread malware.
One Chrome extension had over 60,000 installs with dozens of negative reviews complaining about data theft and malware, ZeroFOX said.
MASSIVE SEXTORTION ATTACK RUNNING WILD, SECURITY FIRM SAYS
Black Friday invariably means a big spike in scams.
“Legitimate giveaways rarely ask for anything more than an email address. A promotion requesting anything further is likely a scam,” ZeroFOX said.
Also, be sure the URL, or web address, is legitimate. A rule of thumb that all cybersecurity experts advise is never clicking on a link in an email or text. Rather, go directly to the retailer’s or brand’s website via your browser. And use special caution when interacting with promotional sites. “If a promotion sounds too good to be true, it probably is,” ZeroFOX said.
CLICK HERE TO GET THE FOX NEWS APP
Finally, consider using another email address – not your primary email – for promotional entries.
Get your CompTIA A+, Network+ White Hat-Hacker, Certified Web Intelligence Analyst and more starting at $35 a month. Click here for more details.