Black Friday is a big day for shoppers. In 2016, 154 million consumers shopped over Thanksgiving weekend and spent $9.36 billion, constituting a year-over-year increase of 16.4 percent.
More than half of that money spent ($5.27 billion) occurred online. Building on those figures, Black Friday 2017 looks like it will be even bigger than in previous years. Forbes forecasts consumer spending over the holiday weekend will increase by 47 percent.
Given the amount of money involved, it’s not a surprise that threat actors prey on shoppers around Black Friday. These bad actors leverage phishing pages, malicious apps and malware to make off with unsuspecting users’ credit card information.
They also steal access to people’s email and social media accounts, so that they can potentially exfiltrate sensitive information and launch secondary attacks against victims’ family, friends and contacts.
To help protect users this holiday season, RiskIQ ran a keyword query of the RiskIQ Global Blacklist and mobile app database, a tool which consists of 2 billion daily HTTP requests, 783 global locations across more than 100 countries, 20 million mobile apps, and 300 million domain records.
It looked specifically for instances of the brand names of the five leading e-tailer brands in the U.S. that appeared alongside “Black Friday” in blacklisted URLs or cause-pages (pages that send users to pages hosting malicious resources).
With respect to the mobile platform, the San Francisco-based security firm found that four percent (one in 25) of the 4,356 mobile apps it discovered were blacklisted as malicious.
At least 15 of those apps contained both the branded terms and “Black Friday.” Outside the holiday weekend, RiskIQ discovered a combined total of 32,000 blacklisted apps for the five leading brands.
Lou Manousos, (Read more...)
This is a Security Bloggers Network syndicated blog post authored by David Bisson. Read the original post at: The State of Security