ESET, a global antivirus software developer, warns against the most common scams used by cybercriminals to cash in on customers during the discount season, in particular, on Black Friday, which is scheduled for November 29.
"Black Friday and Cyber Monday are just around the corner, and shopping platforms will be dropping prices and offering deals aiming to unseat the competition. Unsurprisingly, smartphones are expected to account for a significant part of the purchases made. For scammers 'tis the season to be jolly, since unaware shoppers are ripe to be ripped off," ESET said on its website.
ESET specialists warn that during a busy shopping season, users should be alert for fraudulent ads that are usually spread through social media and involve hacked accounts. Such ads have signs of a scam, such as ridiculous prices, grammar mistakes or weird surveys.
Usually clicking on such an ad will redirect a user to a fraud site, which may be advertising fake goods, ESET said. In the worst-case scenario, one might just download a malware payload to his or her device. Therefore, during the festive season, it is better to refrain from clicking on anything that seems even remotely suspicious.
Fake websites are also a widespread type of scam.
"Fake websites come in many shapes and sizes, and during this part of the year con artists will try to leverage seasonal shopping. For example, it might appear that a reputable e-shop launched a separate domain to house its Black Friday or Cyber Monday offerings, but in fact, it's just a scam. Or, you might just get hit with a homograph attack – this is when adversaries register domains that are similar to the originals but use visually ambiguous characters. And, of course, these fake sites can often have their own, valid certificates that might further misdirect their victims," the company explains.
Bogus gift cards and coupons are a popular way to reel customers in. That makes it a popular method for bad actors to bamboozle users. ESET specialists have recently recorded a case where a new family of banking trojans [a type of malware that infiltrates a computer under the guise of legal software] distributed fraudulent McDonald's discount coupons. However, instead of an attractive discount, users had a malicious program that could take screenshots, simulate the use of the mouse and the keyboard, and even log keystrokes.
"It is important to remember that coupons and gift cards are usually distributed through the official channels of the company such as an app, so it's best to stick to those. Any unsolicited coupons should set your spidey sense tingling," ESET said.
Phishing attacks are one of the most widespread scams out there. A criminal might send a user an email seeking his or her personal information, including a credit card number and home address.
According to ESET telemetry, of all the Black Friday-related emails users will get in one day an average of 12% will be spam emails. Such fraud campaigns were also launched on the Internet during the latest World Cup.
Another type of scam ESET warns against is illicit discount or coupon apps. Experts advise that the best course of action to prevent the spread of malware is to stick to Google Play or the App Store.
"Most retailers tend to have official apps, but imposters have been known to sneak past the sentries into the walled gardens of platforms' storefronts. So always pay attention to the app's description, negative reviews and the permissions it requests," the company said.
As UNIAN reported earlier, according to ESET, about 300,000 new cyber threats related to information security are recorded in Ukraine every day. At the same time, it is extremely difficult to trace hackers; all what remains for companies is to conduct monitoring every minute to identify cyber threats in order to further block them.
ESET is a global leader in IT security. The company was founded in Slovakia in 1992 and today it has representation in more than 180 countries.