Expert Comments

Experts Warning And Advice On Black Friday Threats

Expert(s):
Expert(s):

Cybersecurity experts commented below to warn the public about cyber threats on Black Friday and how to mitigate against these threats.

Experts Comments

Dot Your Expert Comments
Mounir Hahad
November 25, 2020
Head
Juniper Threat Labs, Juniper Networks

Think twice about signing on through Google or a social media account.
To protect themselves on Black Friday, Cyber Monday, and throughout the holiday shopping season, here are three ways consumers can protect their online security. - Don’t register at every website – they don’t need to host your PII or payment data. - Think twice about signing on through Google or a social media account – this gives away much more data than many would care to share. - It’s difficult at this time of year to remember every website you use, but try and keep track of those .....Read More
To protect themselves on Black Friday, Cyber Monday, and throughout the holiday shopping season, here are three ways consumers can protect their online security. - Don’t register at every website – they don’t need to host your PII or payment data. - Think twice about signing on through Google or a social media account – this gives away much more data than many would care to share. - It’s difficult at this time of year to remember every website you use, but try and keep track of those you’re using for the first time or have only infrequently used and monitor your charge card data.  Read Less
Saryu Nayyar
November 25, 2020
CEO
Gurucul

Cyber Monday deals can save consumers lots of money, but they can also scam them out of serious money as well.
1. Malicious actors know people are more likely to open emails with timely subject lines, and the COVID-19 pandemic has led them to create new and clever phishing schemes using subjects related to the Pandemic, Unemployment, Stimulus, and Vaccine trials. These emails will frequently offer links for more information, such as discount offers, or perhaps even to register as a potential vaccine recipient. It’s important not to follow any of the links or open any attachments, as they often.....Read More
1. Malicious actors know people are more likely to open emails with timely subject lines, and the COVID-19 pandemic has led them to create new and clever phishing schemes using subjects related to the Pandemic, Unemployment, Stimulus, and Vaccine trials. These emails will frequently offer links for more information, such as discount offers, or perhaps even to register as a potential vaccine recipient. It’s important not to follow any of the links or open any attachments, as they often contain malware designed to steal your personal, financial, or credit information. 2. Avoid online shopping scams by shopping on secure sites. Cyber Monday deals can save consumers lots of money, but they can also scam them out of serious money as well. One of the biggest (and FIRST) indicators of a potential Cyber Monday scam is a website with no SSL certificate. Check the URL and if it is missing an “s” after the “http”, then the site is not secure and you should shop elsewhere. 3. Check out as a guest. Constantly entering in the details of credit card numbers, shipping and billing addresses, etc. can be tedious, but it will help avoid the headache of having to deal with credit card theft. Consumers should never store credit card information on a website unless they are 100% sure it is secure to do so. And even then, it’s not a guarantee that the merchant can protect customer data from all the bad actors. 4. Avoid online shopping over public Wi-Fi. Checking out the latest Cyber Monday bargains at the airport coffee shop sounds like a great way to kill time before a flight. However, it is strongly advised that consumers avoid using public Wi-Fi when doing online shopping. Hackers use open networks to access devices, so avoid a sneaky Wi-Fi scam by waiting until you’re on a secure network. 5. Monitor bank accounts. This should be a no-brainer, but with the chaos surrounding the holidays, hackers are depending on consumers to forget to monitor their transactions. Many of us depend on our banking institution’s fraud monitoring software to alert us if an unusual transaction is made. However, it’s easy for small transactions for small amounts of money to go unnoticed. Make a note to check your accounts daily for extra fraud protection and financial safety during the holidays. 6. Watch out for malvertising (Malicious Advertising). When scouring the internet for the best online shopping deals, shoppers are bound to be shown a plethora of advertisements. Cybercriminals use “malvertisements” as bogus pop-ups or alert warnings to prompt users to click. Once they click or load a bogus web page, they unintentionally install data-stealing malware and infects their system. Consumers can cut their risk by installing an ad-blocking browser plugin and setting their browser to flag malicious content.  Read Less
Tim Helming
November 25, 2020
Security Advocate
DomainTools

While this does not mean that other shoppers can rest easy, it does indicate that Amazon customers may be the ones most at risk of phishing attacks.
Cybercrime does not exist in a vacuum, and this focus on Amazon from threat actors is reflective of just how dominant the retailer has become. While this does not mean that other shoppers can rest easy, it does indicate that Amazon customers may be the ones most at risk of phishing attacks. For this reason, we would recommend exercising extreme caution in the run-up to Black Friday and Cyber Monday, double-checking the sender’s email address, and the domain names in linked URLs, before.....Read More
Cybercrime does not exist in a vacuum, and this focus on Amazon from threat actors is reflective of just how dominant the retailer has become. While this does not mean that other shoppers can rest easy, it does indicate that Amazon customers may be the ones most at risk of phishing attacks. For this reason, we would recommend exercising extreme caution in the run-up to Black Friday and Cyber Monday, double-checking the sender’s email address, and the domain names in linked URLs, before clicking on any links or attachments, and cross-referencing this with known correspondence from Amazon—or whichever retailer you are shopping with.  Read Less
Etay Maor
November 25, 2020
Chief Security Officer at Threat Intelligence Company
IntSights

Basic security hygiene is always a must – keep your system up to date with security updates and patches.
As with many cybercrime cases, both consumers and businesses need to take security seriously to help mitigate the risk of fraud. Consumers should be aware that cybercriminals are always looking for new ways to commit fraud and Black Friday is just one of many opportunities for them. In previous years we have seen phishing and scam emails go out during the shopping season, enticing victims to provide credentials and card numbers on the promise of getting early or discounted deals. Basic.....Read More
As with many cybercrime cases, both consumers and businesses need to take security seriously to help mitigate the risk of fraud. Consumers should be aware that cybercriminals are always looking for new ways to commit fraud and Black Friday is just one of many opportunities for them. In previous years we have seen phishing and scam emails go out during the shopping season, enticing victims to provide credentials and card numbers on the promise of getting early or discounted deals. Basic security hygiene is always a must – keep your system up to date with security updates and patches, don’t reuse passwords, don’t use easy to guess passwords, and opt-in for 2-factor authentication (2FA), but most importantly – remain vigilant and don’t click/download/reply to anything that seems even mildly suspicious. If it seems too good to be true, it probably is. Businesses have a responsibility here as well. Aside from making sure their systems are properly secured and prepared for attacks (such as credential stuffing) they need to offer consumers additional security features such as opting in for 2FA and alerting on suspicious account activity. In addition, organisations must utilise threat intelligence to understand if cybercriminals are targeting them and selling their customer data and credentials, and use it to identifying potential attack vectors used by threat actors.  Read Less

Dot Your Expert Comments


Only for registered and approved experts. Please register before providing comments. Register here
* By using this form you agree with the storage and handling of your data by this web site.
Submit
0
FacebookTwitterLinkedinWhatsappEmail

You may also like

ObliqueRAT Trojan Lurks On Compromised Websites – Experts Comments

Microsoft Multiple 0-Day Attack – Tenable Comment

Experts Reaction On Malaysia Airlines 9 Years Old Data Breach

IoT Security In The Spotlight, As Research Highlights Alexa Security...

Oxfam Australia Confirms ‘Supporter’ Data Accessed In Cyber Attack

Expert Reaction On Solarwinds Blames Intern For Weak Passwords

Expert Reaction On Go Is Becoming The Language Of Choice...

Experts On Google Voice Outage

Expert Reaction On GCHQ To Use AI In Cyberwarfare

Comment: Hackers Break Into ‘Biochemical Systems’ At Oxford Uni Lab...