How cybercriminals adjusted their scams for Black Friday 2021


Black Friday is approaching, and cybercriminals are refining their malware droppers, phishing lures, and fake websites as shoppers prepare to open their wallets.

As researchers at Kaspersky point out, scammers are already targeting people with fake tickets to the FIFA World Cup 2022.

The security firm shared a detailed report highlighting the most common threats expected to emerge during this year’s Black Friday, as well as the Christmas shopping season.

Phishing for data and e-payment accounts

Kaspersky’s products alone detected over 40 million phishing attacks from January to October 2021, with Amazon, eBay, Alibaba and Mercado Libre being the most popular lures.

As such, if you are receiving emails about promotions and discounts on major e-commerce platforms, you should treat them with extra caution.

In terms of trends, phishing operators doubled their efforts to steal account information for e-payment systems (also known as online payment systems), with October 2021 seeing a 208% increase over the previous month.

While banking information is still targeted, phishing actors now tend to favor e-payment systems, as these have increased in popularity by 40% over the last two years.

Phishing types in 2021
Phishing targets in 2021
Source: Kaspersky

Banking trojans fade

Kaspersky has found that cybercriminals used 11 separate malware families against shoppers in 2021, with more than half of them being variants of the Zeus banking trojan.

The list of other popular strains used in 2021 malware attacks also includes Qbot (deployed in 13.9% of the total number of incidents), Anubis (13.4%), Trickbot (11.6%) and Neurevt (4.8%).

An interesting trend emerging from Kaspersky’s statistics is the number of infections, which has dropped from 20 million in the last two years to only 10 million this year.

This decline is in line with the shift in threat actors’ attention to electronic payments. Most of these Trojan families have a narrow targeting area that is limited to specific financial institutions or platforms, so they require more effort to target a wider range of potential victims.

The malware now deployed is more specialized for e-commerce platforms and seeks to steal e-shop account information, bank card numbers, CVVs, expiration dates and phone numbers.

The amount of malware is declining
Source: Kaspersky

Ending up on malicious websites

There are two categories of fake pages that can lead to problems for the victims. The first is phishing sites that steal credentials, and the second is scam sites that steal money.

In the first case, the lures typically come in the form of emails allegedly sent by high-profile online stores or popular e-commerce platforms, directing recipients to a fake login page.

Fake German eBay Page
Source: Kaspersky

The second case involves sites that have cloned real stores by copying their CSS and all content, or simply fake markets that receive payments without sending anything to the buyer.

In some cases, these platforms send an empty envelope to the victims, solely to provide a valid tracking number and delay the reports that would allow hosting providers or authorities to remove them more quickly.

This also reduces the chances that PayPal payment disputes will block the funds from ending up in the scammers’ accounts and allow victims to get their money back.

Cloned site that offers items that will never be shipped.
Source: Kaspersky

How to stay safe while shopping online

Remember, you will see many product discounts and sales promotions during the holidays. But the chances of some of them being scams are greater than usual.

To protect yourself and your bank account, you should use an internet security solution from a trusted provider and always double check that you are on a legitimate website before entering your payment information.

If you stumble upon an offer that seems too good to be true, it’s probably a scam, even if it is associated with Black Friday.

Finally, if you can use e-payments instead of credit cards, that is preferable, as the consequences are less serious in case of a data breach.

There are also virtual disposable cards with charging limits, so if you want to play it safe while shopping from lesser known stores, there are ways to do it.

If you need to pay with your bank account or card, check that the correct amount has been charged and monitor all future transactions closely.

