The holiday shopping season is in full swing, with Black Friday and Cyber Monday just around the corner, and scammers have been getting ready to cash in from their fraud campaigns.
While some fraudsters target the online landscape fooling shoppers with lookalike domains, others focus on customers of brick and mortar retail stores.
The latter take advantage of the flood of legitimate discounts to trick potential victims into giving information that could be used for attacks all year round. Targeting brick and mortar store customers Researchers at ZeroFOX combed the internet for holiday-themed fraud campaigns and found more than 60,000 potential scams, most of them aimed at consumers in the market for regular products that do not fit the luxury category.
The cybersecurity company noticed that the scammers attracted victims with the promise of gift cards, giveaways, discounts, or coupons.
Since user data was the coveted prize, all cybercriminals had to do was create an appealing post directing victims to malicious websites. According to ZeroFOX, this type of post is likely advertised found on social media and digital platforms.
The link in the post above leads to a landing page with multiple fake giveaways. The poor design of the page should serve as a warning, and so should the request to input personal information such as phone number, gender, date of birth, and street address.
Most of the keywords likely to lead to a retail scam that were noticed by the researchers during their study are related to gift-giving. However, posts from unknown accounts on social media that contain ‘holiday,’ ‘Christmas,’ ‘Thanksgiving’ or Black Friday and Cyber Monday should also be regarded with suspicion.