Ahead of the upcoming Black Friday and holiday shopping season, alarming data reveals that cybercriminals stand ready to intensify efforts to exploit the busiest shopping days as online sales continue to rise. The surge in online activity represents a lucrative opportunity for these cybercriminals, given that shoppers are often less suspicious of unusually high online bargains during the Black Friday/Cyber Monday shopping period.
Research by cybersecurity firm Netcraft has presented considerable cause for concern, identifying an impressive 135% increase in fake retail sites blocked as of the end of October 2023, compared to the same time last year. This marked increase follows an already substantial growth of 63% over October the previous year, indicating that the annual rise more than doubled in the span of the past 12 months.
Fake online shops often purportedly offer significantly discounted goods. They may impersonate the websites of recognised luxury brands and established retailers or claim to operate across a variety of brands. Primarily, these sites serve as a façade allowing cybercriminals to capture payment details and other sensitive information supplied by unsuspecting shoppers. This information can be utilised directly or sold to other cybercriminals, whilst any delivered goods are likely to be counterfeit.
Netcraft's research provides insight into the tactics employed by these cybercriminals in their attempts to deceit consumers and harm brand credibility. This ranges from domain spoofing, where cybercriminals register a domain that is deceptively similar to a well-known organization, to replicating the branding of legitimate retail sites to convince customers of the sites’ authenticity.
Furthermore, these fake websites often use promotional imagery from genuine brand promotions to gain further credibility. For instance, cybercriminals targeting premium shoe retailer, Vionic, used the retailer's own promotional imagery to mislead customers. These malicious practices are not limited to recognisable brands. In many cases, cybercriminals set up generic, unbranded retail sites, betting that a hefty discount on luxury goods would be sufficient bait for bargain seekers.
Unfortunately, detecting these fraudulent sites as a consumer can be challenging. However, there are specific indicators that could help identify likely counterfeits. These include unrealistically high discounts, poor professional design, the lack of contact details, and questionable domain names, among others.
The statistics are alarming considering that online shopping accounted for 5.7 trillion dollars spent globally in 2022. In the same period, almost 41 billion dollars worth of fraud was committed by cybercriminals. Counterfeit retail sites not only have the potential to divert traffic away from legitimate outlets and defraud customers, but also inflict a substantial financial toll, and damage the reputation of brands.
As the holiday shopping season approaches, it pays for consumers to remain vigilant and take steps to avoid falling victim to such sophisticated cybercrime tactics.