Islamabad : In 2024, cybercriminals launched over 38 million phishing attacks, impersonating major marketplaces, banks, and tech retailers. Stolen payment card data is actively traded on dark web forums.
Kaspersky closely monitors the evolving landscape of shopping-related cyber threats. As shoppers prepare for major sales events during November and December in search of the best deals, cybercriminals and fraudsters gear up to exploit this demand, attempting to steal personal data, funds, and spread malware through deceptive shopping lures.
Between January and November 2024, Kaspersky solutions blocked 38,473,274 phishing attacks related to online shopping, payment systems, and banking institutions; this represents a significant increase of 25% over the same period last year. Of these attacks, as many as 44.41% targeted banking service users.
Scammers frequently impersonate major retailers, sending deceptive emails claiming to offer exclusive discounts. These emails link to fake websites designed to mimic legitimate ones.. Victims attempting to shop on these sites typically lose money.
Another widespread scam exploits consumers’ desire to win prizes. Fraudsters send messages promoting limited-time surveys with prize draws, offering valuable rewards like a free iPhone. To create urgency, they claim only a few “chosen” users can access the deal, pressuring recipients to act quickly. Scammers offer a “reward” for sharing some “basic info,” such as an email address, and spending some money on a fake site.
Kaspersky experts reveal that stolen data is either exploited directly by scammers or sold on dark web marketplaces. The value of the data determines its price. For instance, comprehensive sets of stolen credit card details, known as “fullz,” typically include the card number, expiration date, CVV code, cardholder’s name, billing address, and phone number.
“This year, dark web markets mirror the pricing strategies and marketing tactics of legitimate online retailers. Some even offer discounts and bundled deals, similar to seasonal sales found on mainstream websites,” comments Marc Rivero, lead security researcher at Kaspersky’s Global Research and Analysis Team.
To enjoy the best that sales deals has to offer this year, be sure to follow a few safety recommendations. Do not trust any links or attachments received by mail or instant message, double-check the sender before opening these. Review e-shop websites before filling out any information: is the URL correct? Are there any spelling errors or design bugs? Protect all devices you use for online shopping with a reliable security solution. Kaspersky Premium is protecting its users from various range of shopping scams. Set up payment notifications and regularly check financial statements. Contact your bank or credit card company if you have any concerns about operations.
To learn more about shopping threat landscape in 2024, visit Securelist.com.
