Check Point Warns of Evolving Threat Landscape Ahead of Black Friday
Buyer Beware!
As Thanksgiving and Black Friday approach, so do the risks of fraudulent shopping scams. Cybercriminals take advantage of shoppers eager to benefit from the exceptional sales available on Black Friday. In preparation for this shopping season, Check Point Research has examined the activities of these cyber criminals and found a significant increase in malicious websites related to Black Friday. Additionally, researchers noted that phishing emails have remained consistent, indicating that it is easy for cyber attackers to recreate these scams.
Check Point Discovers New “Black Friday” Websites
As each year draws near to the much-anticipated Black Friday after Thanksgiving, many new websites emerge, often bearing names that resonate with the shopping extravaganza. This phenomenon reaches its zenith during the week of Black Friday when the activity peaks. A comparison with previous years reveals a striking trend: in the weeks leading up to this significant shopping event, the rate of registered new websites surged tremendously.
For instance, this year, the number of newly established websites linked to Black Friday two weeks before the event has skyrocketed, showing an 89% increase compared to 2023. Even more impressively, this figure has more than tripled when stacked against the numbers from 2022, indicating a robust and growing interest in capitalising on the shopping frenzy surrounding Black Friday each year.
While not all of these websites are designed with malicious intent, our analysis reveals a concerning statistic: approximately 3% are categorised as risky or outright malicious, with virtually none classified as “safe.” The overwhelming majority of these sites remain shrouded in ambiguity, typically displaying a default “parked” webpage cluttered with advertisements and links. This benign appearance can quickly transform, turning them into platforms for phishing attacks.
The malicious websites Check Point Research has observed signals a troubling trend. The websites not only impersonate well-known global brands but also target smaller, boutique brands that may be less recognizable. Interestingly, many of these fraudulent sites exhibit similar design elements and formatting, suggesting the possibility of a coordinated operation behind these deceptive practices.
The following are examples of fake “Black Friday” brand websites:
- Stüssy (Steatwear): stussycanadablackfriday[.]com
- Longchamp (Bags): longchampblackfriday[.]com
- Wayfair (Online Home Store): wayfareblackfriday[.]com
- SOREL (Footwear): soreloutletblackfriday[.]com
- Crew (Retail): jcrewblackfriday[.]com
- IUN (Footwear): blackfriday-shoe[.]top
Phishing Campaigns Repeat Attack Format, Says Check Point
The primary method to reach victims involves sending fraudulent phishing emails offering significant discounts and exclusive deals. These emails encourage users to click a link that directs them to a fake website. One notable trend Check Point has observed this year is that attackers consistently reuse nearly identical emails and websites, only altering the email senders and links.
The examples below were featured in our November 2023 Shopping publication. While these communications have slight differences, the overall attack format remains very similar. This highlights that attackers only need minimal changes to continue their large-scale operations.
How to Stay Safe during the Shopping Season
To help online shoppers stay safe this year, Check Point Research has outlined some practical security and safety tips:
- Check the URL and look for the lock. Avoid buying something online using your payment details from a website that does not have secure sockets layer (SSL) encryption installed. To know if the site has SSL, look for the “S” in HTTPS, instead of HTTP. An icon of a locked padlock will appear, typically to the left of the URL in the address bar or the status bar down below. If you don’t see a lock, that’s a serious warning sign
- Limit personal information shared. Avoid sharing your birthday or social security number. The more hackers know, the more they can hijack your identity.
- Beware of “too good to be true” bargains. If it seems way too good to be true, it probably is. Trust your instincts and avoid suspicious offers.
- Credit cards over debit cards. Credit cards provide better protection and reduce liability in the event of theft.