Kaspersky Lab
Beyond Black Friday Threat Report 2017Contents
Introduction2
Methodology and Key Findings ...... 3
Phishing – a universal threat .......... 4
A new pool for phishers ...... 5
Financial phishing on the rise ......... 7
Types of financial phishing . 9
Black Friday attacks ......... 12
Examples of financial phishing attacks in 2017 ..... 13
Conclusion and advice ..... 20
Kaspersky Lab
Beyond Black Friday Threat Report 2017Introduction
The festive holiday shopping season, which covers Thanksgiving, Black Friday and Cyber
Monday in late November as well as Christmas in December, now accounts for a significant
share of annual sales for retailers, particularly in the U.S., Europe and APAC.
Those selling clothing, jewellery, consumer electronics, sports, hobbies and books can make
around a quarter of their sales during the holiday period.In 2017, holiday sales in the U.S.
alone are expected to be up by 3.6 to 4.0 per cent on the same time in 2016.
For brands looking to make the most of this annual spending spree, the desire to sell as much
as possible at a time of intense competition is leading to ever more aggressive marketing
campaigns – particularly online.
Promotional emails, banner ads, social media posts and more bombard consumers over the
holiday months; generating a great deal of noise. Tactics such as one-click buying are designed
to making the purchase process ever easier and faster. Further, up to three quarters of emails
received on Black Friday and Cyber Monday are now opened on a mobile device. People are
becoming used to making instant decisions – and that has significant security implications. They
may miss vital signs that things are not what they seem and their data could be at risk.
All this makes this time of year an ideal hunting ground for hackers, phishers and malware
spreaders; disguising their attacks as offers too good to refuse, a concerned security message
from your bank requiring urgent attention, a special rate discount from your credit card service, and
more. All you have to do is enter your personal details, card numbers or bank account credentials.
Messages or links designed to look as if they come from well-known, trusted brands, payment
cards and banks account for many of the malicious communications detected by Kaspersky
Lab’s systems in the last few years. But with studies showing that consumers are more
interested in price and convenience than brand loyalty, there may be growing opportunities for
cybercriminals who lack the skills or resources to create these and have to take the risk that
consumers will entrust all to an unknown brand name or site.
This overview of financial phishing during the fourth quarter of the year updates the
findings of the Black Friday Threat Overview 2016. It covers the types and timing of
financially motivated cyberthreats that buyers, sellers and providers of payment
systems may face over the holiday season – and offers advice on how to stay safe.
Kaspersky Lab
Beyond Black Friday Threat Report 2017Methodology and Key Findings
The overview is based on information gathered by Kaspersky Lab’s heuristic anti-phishing
component that activates every time a user tries to open a phishing link that has not yet been added
to Kaspersky Lab’s database.Data is presented either as the number of attacks or the number
of attacked users. It updates the 2016 Black Friday overview report with data covering the
fourth quarter of 2016 through to 18 October, 2017.
The festive holiday shopping period now extends from October through to the end of December,
encompassing pre-holiday purchase planning (more than half of U.S. holiday shoppers start
researching and planning what to buy in October) as well as the Black Friday/Cyber Monday
weekend and the run up to Christmas.
Key Findings:
Following a decline in 2015, financial phishing abusing online payment systems, banks and
retailers increased again in 2016.
Financial phishing now accounts for half (49.77 per cent) of all phishing attacks, up from
34.33 per cent in 2015.
Mobile-first consumers are likely to be a key driver behind the rise in financial phishing: the use
of smartphones for online banking, payment and shopping has doubled in a year, and mobile
users will have less time to think and check each action, particularly if they are out and about.
Attack levels are now fairly consistent throughout the year; and Q4 data shows they are
also more evenly spread in terms of the brand names the phishers make use of.
Data for both 2015 and 2016 shows a clear attack peak on Black Friday, followed by a fall. In
2016 the number of attacks fell by up to 33 per cent between Friday and Saturday, despite
Saturday being the second biggest shopping day over the holiday weekend in the U.S.
Financial phishers are exploiting the Black Friday name in their attacks, as well as
consumer awareness of, and concerns about online security – disguising their attack
messages as security alerts, implications that the user has been hacked, or adding
reassuring-sounding security messages.
More about these findings can be found in the overview.。