Famous brands and gift cards: cybercriminals are launching major phishing campaigns, impersonating popular brand websites to steal personal information. Just hours before Black Friday, Barracuda experts warn of online scams.
The idea of ​​camping outside your favorite department store to be the first to take advantage of Black Friday is no longer so widespread, as everything can be done online without losing sleep and jostling with famished hordes of customers. However, if we can say goodbye to overflowing car parks and endless queues at the checkout, it is not so certain that we can relax; simply, the battle has moved to a new and less known battlefield. In fact, if on one side of the barricade there are millions of customers hunting for the best online deals, on the other there are cybercriminals constantly looking for creative ideas to take advantage of the situation.
Experts from Barracuda Networks, a company that offers IT security and storage solutions, have analyzed some of the online attacks that are happening these days.
The Threat
Black Friday Phishing and Cyber Monday Attack – mass phishing attacks by actors who pretend to be popular brands in order to get victims to hand over personal information.
The Details:
Three methods are predominantly used to deceive users:
- Pretending to be popular e-commerce brands like Amazon, sending emails containing fake gift cards.
- Pretending to be major physical brands like Walmart or Kohls.
- Pretending to be popular consumer product brands like Ray-Ban and Michael Kors.
Pay attention to the tactics, not the brand names
Brand names used are less significant than the tactics used; criminals can indeed change brand names rapidly and launch new attacks. These mass attacks are sent to thousands of potential customers offering gift cards to be used by a specific date, leading victims to fake websites that look similar to the legitimate site. The goal is to convince the consumer to register or authenticate themselves on what they think is the real Amazon or Walmart site to receive the gift card. Unfortunately, the unwary customer will receive no gift card: they will only have revealed their credentials, which can lead to all sorts of destructive behavior. Cybercriminals can access these accounts, retrieve credit card numbers and other personal information, and learn purchasing habits to use in future social engineering attacks.
Short-lived attacks
These threats have a short lifespan: many of these sites are now inaccessible, and new attacks have certainly been launched with different domains. In these threats, moreover, the emails are crafted particularly subtly. Recipients do not need to click on a “Buy” button to be directed to the counterfeit site, because criminals have embedded malicious links in all elements of the message, images, and text. In practice, it is enough for the victim to click anywhere in the message to find themselves on the counterfeit site.
Although these sites are not entirely identical to the original, criminals count on the fact that most consumers do not buy directly from these brands and are therefore unable to distinguish the fake page from the original. They bet on the fact that many people who shop online do so on Amazon and are willing to register for a voucher to spend on the Ray-Ban site.
These threats will bypass protection systems
Most mail security solutions do not block these attempts because criminals use URL shorteners and redirectors to get the email to the end-user. Criminals exploit the fact that security solutions do not block most URL shortening services, which are widely used to share URLs. Redirectors, on the other hand, are used to make the user think they are visiting a safe site. These are undoubtedly clever tactics that increase the probability that the email will reach its destination and that the user will open it.
In summary, the techniques used are:
- Phishing: criminals send large quantities of emails to encourage recipients to take an action to take advantage of an irresistible offer
- Impersonation / brand hijacking: criminals pretend to be popular brands or well-known e-commerce stores
- Spoofing: sites managed by criminals are built to resemble original sites.
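The two mechanics described above (a link behind every element of the message, and shorteners or redirectors hiding the real destination) can be triaged mechanically on the mail gateway. The following is an added example, not code from the article or from Barracuda: the mail body, the shortener list, the redirect parameter names and the brand-to-domain map are all constructed assumptions, and the lookalike domain in the sample is invented.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse, parse_qs

# Constructed sample mail body (not a real campaign): the logo image, the body
# text and a plain link each carry their own href, as the article describes.
SAMPLE_HTML = """
<a href="https://bit.ly/3xAmple"><img src="cid:logo" alt="Amazon"></a>
<p><a href="https://example-redirect.test/r?u=https://amaz0n-giftcards.example">
Your $100 Amazon gift card expires tomorrow</a></p>
<a href="https://www.amazon.com/gp/help">Help</a>
"""
# Assumed watchlists; extend them from your own mail telemetry.
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "goo.gl", "ow.ly"}
REDIRECT_PARAMS = {"u", "url", "redirect", "next", "target", "dest"}
# Brand the mail claims to come from, mapped to its genuine registrable domain.
BRAND_DOMAINS = {"amazon": "amazon.com", "walmart": "walmart.com"}

class LinkCollector(HTMLParser):
    """Collect every href, whether it wraps an image, a button or plain text."""
    def __init__(self):
        super().__init__()
        self.links = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            href = dict(attrs).get("href")
            if href:
                self.links.append(href)

def classify(href, claimed_brand):
    """Findings for one link; an empty list means nothing looked suspicious."""
    findings = []
    parts = urlparse(href)
    host = parts.hostname or ""
    if host in SHORTENERS:
        findings.append("shortener")
    # Redirector: a query parameter that itself carries a full URL.
    for name, values in parse_qs(parts.query).items():
        if name.lower() in REDIRECT_PARAMS and values and "://" in values[0]:
            findings.append("redirector->" + (urlparse(values[0]).hostname or ""))
    real = BRAND_DOMAINS.get(claimed_brand.lower())
    if real and host and host != real and not host.endswith("." + real):
        findings.append("not_brand_domain")
    return findings

def triage(html, claimed_brand):
    # One entry per href: this is what "hover over the link" reveals, automated.
    parser = LinkCollector()
    parser.feed(html)
    return {href: classify(href, claimed_brand) for href in parser.links}
```

Running `triage(SAMPLE_HTML, "Amazon")` flags the image link as a shortener and the text link as a redirector to a non-Amazon host, while the genuine help link produces no findings.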
Security and Prevention Tips
- During Black Friday and Cyber Monday, and generally during shopping periods, be careful and do not click on emails that offer unbeatable deals. Go directly to the site and search for the product on offer.
- Hover your mouse over links to check if the destination address is legitimate.
- If in doubt, do not click!
- Be extremely cautious of all promotional emails you receive during this period.
- Check the certificate in the upper left corner of the site, ensuring that it is assigned to Amazon.com or the “real” site anyway.
- Sites are not always identical to the original, so verify carefully.
- Ensure that when you register or enter personal information, the site is secure. You can check in your browser, just before the URL, that the word “Secure” is present.
Training
Employees, and anyone who uses email in general, should be trained to recognize these types of attacks. Simulated attacks continue to be the most effective means of training. Always verify the domains on emails that ask you to do something, from a click to entering information.
Published in Guides & Tutorials