Malware Targeting Holiday Shoppers

By:  |  Category: Blog Monday, November 19th, 2018  |  No Comments

Instead of fighting the crowds on Black Friday and getting trampled, you may be thinking it’s safer to cozy up on the sofa with your laptop and get those smoking deals online. But visiting your favorite sites might not be as safe as you think.

Currently, there are at least 14 malware families targeting e-commerce brands to rip off customers ahead of the official holiday shopping season.

Banking trojan malware families Betabot, Panda, Gozi, Zeus, Chthonic, TinyNuke, Gootkit2, IcedID and SpyEye are after online shoppers.

According to Kaspersky Lab, these and other banking trojans have spiked in detections lately, and are hunting for user credentials such as user names, passwords, payment-card numbers and phone numbers. These 14 malware families have been actively targeting a total of 67 consumer e-commerce sites between them, the firm said.

This includes 33 clothing, footwear, gifts, toys, jewelry and department-store sites, eight consumer-electronics sites, eight entertainment and gaming sites, three popular telecom sites, two online payment sites and three online retail platforms.

Out of the top three most-prolific malware families is Betabot, according to Kaspersky Lab data. The report shows that Betabot targets as many as 46 different brands, and was the only trojan to target entertainment and gaming sites, while Gozi targets 36 brands overall and Panda 35.

“The malware can intercept input data on target sites, modify online page content, and/or redirect visitors to phishing pages,” Kaspersky Lab researchers noted in a posting on Thursday, one week ahead of Thanksgiving. They added that the malicious code, once installed often lies in wait for the consumer to visit an e-commerce page, and then simply grabs the payment form wholesale.

“Form-grabbing is a technique used by criminals to save all the information that a user enters into forms on a website,” the team noted. “And on an e-commerce website, such forms are almost certain to contain: login and password combination as well as payment data such as credit card number, expiration date and CVV. If there is no two-factor transaction confirmation in place, then the criminals who obtained this data can use it to steal money.”

Once they have the stolen credentials, criminals can sell them on the Dark Web, or use the stolen accounts themselves to buy things from a website using the victims’ credentials, and then resell the items for profit, now money-laundering to boot.

Convenience seems to be more important to shoppers than security. A survey of 500 adults in the U.K. by Radware found that more than 70 percent don’t think companies are doing enough to protect their personal data on Black Friday. As a result, 45 percent of respondents said they would not be shopping online, including 32 percent who said they would visit a physical store instead.

That being said, a whopping 55 percent of the survey respondents stated that convenience, price or home delivery was worth the potential risk.

Unfortunately, banking trojan activity has been steadily increasing in recent years. Kaspersky Lab detections of their e-commerce-related activity has grown from from 6.6 million in 2015 to 9.2 million at the end of the third quarter of 2018, putting attacks on track to total an estimated 12.3 million by the end of the year. In terms of percentage increases, the firm observed a 12 percent increase in e-commerce targeting between 2016 and 2017, and expects to log a 10 percent rise between 2017 and the end of 2018.

Tips to stay safe:

  • Avoid buying anything online from websites that look potentially dangerous or resemble an incomplete version of a trusted brand’s website.
  •  Do not click on unknown links in email or social media messages, even from people one knows, unless you were expecting the message.

In the Radware survey, 40 percent of respondents said they plan to change their online habits during Black Friday, including 25 percent who will reportedly only shop with well-known brands or will check that the website is secure before making a purchase.

“[Our] research shows that many consumers are aware of the risks of online shopping, and while some are willing to accept this for convenience and price, others are avoiding online shopping altogether,” Radware researchers noted in a posting on Wednesday.

If you need assistance with cybersecurity managed services give EnhancedTECH a call at 714-970-9330 or contact us at [email protected]

Leave a Comment
Read previous post:
Cybersecurity Not a Priority for Majority of Employees When Traveling

Look around any airport and you will find thousands of workers tapping away on their laptop--usually on free public WiFi....