Scammer Black Friday offers: Online shopping threats and dark web sales


The e-commerce market continues to grow every year. According to FTI consulting, in Q1 2024, online retail comprised 57% of total sales in the US, and it is expected to increase by 9.8% over 2023 by the end of this year.

In Europe, 72% of those aged 16–74 buy online, their share growing by the year. Globally, according to eMarketer, e-commerce sales are to reach $6.9 trillion by the end of 2024. Kaspersky researchers closely monitor the evolving landscape of shopping-related cybersecurity threats. Each year, they track how cybercriminals target this rapidly expanding sector and the challenges they pose to consumers, especially during peak shopping seasons. As shoppers seek the best deals in the run-up to major sales events like Black Friday, cybercriminals and fraudsters gear up to exploit this demand, attempting to steal personal data, funds, and spread malware through deceptive shopping lures.

Read more…
Source: Kaspersky


Sign up for our Newsletter


Related:

  • Patch Tuesday – January 2025

    January 14, 2025

    Microsoft is addressing 161 vulnerabilities this January 2025 Patch Tuesday. Microsoft has evidence of in-the-wild exploitation and/or public disclosure for eight of the vulnerabilities published today, with three listed on CISA KEV. This is now the fourth consecutive month where Microsoft has published zero-day vulnerabilities on Patch Tuesday without evaluating any of them as critical severity ...

  • One Step Ahead in Cyber Hide-and-Seek: Automating Malicious Infrastructure Discovery With Graph Neural Networks

    January 13, 2025

    When launching and persisting attacks at scale, threat actors can inadvertently leave behind traces of information. They often reuse, rotate and share portions of their infrastructure when automating their campaign’s setup before launching an attack. Defenders can leverage this behavior by pivoting on a few known indicators to uncover newer infrastructure. This article describes the benefits ...

  • Analyzing CVE-2024-44243, a macOS System Integrity Protection bypass through kernel extensions

    January 13, 2025

    Microsoft Threat Intelligence discovered a new macOS vulnerability that could allow attackers to bypass Apple’s System Integrity Protection (SIP) in macOS by loading third party kernel extensions. SIP is a security technology that restricts the performance of operations that may compromise system integrity; thus, a SIP bypass affects the overall security of the operating system. Bypassing ...

  • Deep Dive Into a Linux Rootkit Malware

    January 13, 2025

    This is a follow-up analysis to a previous blog about a zero day exploit where the FortiGuard Incident Response (FGIR) team examined how remote attackers exploited multiple vulnerabilities in an appliance to gain control of a customer’s system. At the end of that blog, Fortinet researchers revealed that the remote attacker had deployed a rootkit (a ...

  • Nominet confirms cybersecurity incident linked to Ivanti VPN hacks

    January 13, 2025

    Nominet, the U.K. domain registry that maintains .co.uk domains, has experienced a cybersecurity incident that it confirmed is linked to the recent exploitation of a new Ivanti VPN vulnerability. In an email to customers, seen by TechCrunch, Nominet warned of an “ongoing security incident” under investigation. Nominet said hackers accessed its systems via “third-party VPN software ...

  • UK: Hackney Council still addressing 2020 cyber attack

    January 13, 2025

    Hackney Council has bought a new housing management system – technology that supports local authorities manage housing – as it tries to address the damage from a cyber attack four years ago. The October 2020 cyber attack left a lasting impact on services during a housing crisis which, according to the Local Democracy Report, has seen ...