While Black Friday is in full swing, cybercriminals are trying every means possible to scam Internet users. Be careful of the fake sites that abound at this time, determined to steal your banking data.
Black Friday is making a comeback! Although the official date of the event is November 29, this big sale stretches over a longer period each year, to the point that it now covers the entire month of November! So, for nearly four weeks, online retailers will step up promotions to boost sales during this inflationary period. The perfect opportunity for consumers to score good deals and prepare gifts for the end-of-year holidays!
But be careful, cybercriminals are never far away! Every year, they take advantage of the popularity of e-commerce to mount vast scam campaigns, through fake sites, in order to steal the personal information and banking data of Internet users. And the problem is that these scams are increasingly sophisticated, and therefore difficult to detect.
Black Friday: fraudulent sites from popular brands
A new campaign, orchestrated by the SilkSpecter group, is currently targeting online users in Europe and the United States, warn EclecticIQ researchers. Hackers create fake sites to trick their victims into thinking they are on the real website of a retailer or merchant – including famous brands, such as Ikea, Lidl or North Face. To attract their prey, they do not hesitate to promise attractive discounts, up to -80%!
In reality, these fake sites collect all the data entered to finalize the order (passwords, telephone numbers, bank card numbers, etc.), which are then sent to servers controlled by the hackers so that they can be exploited. They can then be used to carry out phishing, vishing (voice phishing) or smishing (SMS phishing) attacks. These attacks can trick victims into revealing even more personal information, such as two-factor authentication codes, by pretending to be trusted businesses – most likely e-commerce platforms.
Black Friday: how to spot scams?
To trap Internet users, fake sites use typosquatting, a technique which consists of imitating a legitimate URL, but with typos or slight modifications. They also don't hesitate to use top-level domains like “.shop”, “.top” or “.store”. This is the case, for example, for the sites lidl-blackfriday-eu[.]shop, ikea-euonline[.]com, gardena-eu[.]com… These fake stores use payment tools like Stripe, which makes them appear trustworthy.
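The lookalike patterns described above can be checked mechanically. The following is an added example, not code from the researchers' report: the `OFFICIAL` allowlist, the function names and the `ikeea-sale[.]top` sample are assumptions made for illustration, while the other sample domains are the defanged ones quoted in the article.

```python
import re

# Assumed allowlist for illustration: brand keyword -> official registrable domains.
OFFICIAL = {
    "ikea": {"ikea.com"},
    "lidl": {"lidl.com", "lidl.de", "lidl.fr"},
    "gardena": {"gardena.com"},
}
# TLDs the article names as common on fake shops.
RISKY_TLDS = {"shop", "top", "store"}


def refang(domain: str) -> str:
    """Turn a defanged indicator (example[.]com) back into a plain hostname."""
    return domain.strip().lower().replace("[.]", ".").rstrip(".")


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to catch one-character typos of a brand."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def check_domain(domain: str) -> list[str]:
    """Return the reasons a hostname looks like a brand lookalike (empty = none)."""
    labels = refang(domain).split(".")
    registrable = ".".join(labels[-2:])  # simplification: ignores suffixes like co.uk
    if any(registrable in doms for doms in OFFICIAL.values()):
        return []  # official domain or one of its subdomains
    tokens = [t for label in labels[:-1] for t in re.split(r"[-_]", label) if t]
    reasons = []
    for brand in OFFICIAL:
        for tok in tokens:
            if tok == brand:
                reasons.append(f"brand '{brand}' used outside its official domain")
            elif len(brand) > 3 and edit_distance(tok, brand) == 1:
                reasons.append(f"'{tok}' is one edit away from '{brand}'")
    if reasons and labels[-1] in RISKY_TLDS:
        reasons.append(f"uses .{labels[-1]} TLD")
    return reasons


if __name__ == "__main__":
    for d in ("lidl-blackfriday-eu[.]shop", "ikea-euonline[.]com", "www.ikea.com"):
        print(d, "->", check_domain(d) or "no lookalike signal")
```

An empty result only means that none of these specific signals fired; it does not show that a shop is legitimate.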
One of the first things to do to avoid getting scammed is to be wary of online offers that seem too generous. If a promotion seems incredibly good compared to what you can find elsewhere, it's essential to carefully check that everything is in order before diving in head first. To do this, you must verify the credibility of the seller by inspecting the history of the site, its URL – the address must start with https, which means that the connection is secure, and must be that of the official site – and the reviews from other customers – a simple internet search is usually enough. If you have the slightest doubt about the reliability of the site or the seller, it is better to abandon the purchase. And for those who come across a site that they suspect of fraud, it is important to report it to internet-signalement.gouv.fr, Pharos or Phishing Initiative.