Threat actors are hosting websites for malicious campaigns centred around the Black Friday theme and e-commerce, cryptocurrency and travel are the top targets, a new report has revealed.
Researchers found cybercrime forums across various languages are rife with chatter about Black Friday.
While some actors are promoting their malicious services/campaigns, others are looking to avail them, according to CloudSEK researchers who also discovered an Ethereum giveaway scam website.
“Compromised personal identifiable information (PII) and banking credentials can be used to perform unauthorised transactions and social engineering attacks,” they warned.
CloudSEK’s contextual AI digital risk platform ‘XVigil’ discovered hundreds of Black Friday-themed domains registered and operational.
Common forms of attacks included the impersonation of legitimate websites, services for Google/Facebook ads, and the spread of malicious applications.
“Various elements come into play here, right from hosting a website to gaining critical information of victims by using different techniques. Threat actors are constantly looking for opportunities to siphon crucial data or money,” said Rishika Desai, Cyber Threat Researcher, CloudSEK.
The finding showed that website cloning is a common technique used by hackers of all levels of sophistication to host fake instances of legitimate websites.
“The iconic Black Friday sale has become a global theme now where cybercriminals at every level and expertise try their best to launch malicious campaigns. Most of these campaigns misuse or impersonate popular brands and companies providing sales and services to cheat the public,” Desai added.
The researchers advised to be aware of the freebies, attractive deals and seemingly suspicious third-party solutions.