THREAT INTELLIGENCE DEC 2017 HOLIDAY SHOPPING SECURITY


IT'S THAT TIME OF YEAR… FOR CYBER SECURITY ARTICLES ON HOLIDAY SHOPPING

According to PwC's annual Global State of Information Security Survey 2017, the retail and consumer sector suffered over 4,000 security incidents over the last year.

SecurityScorecard's analysis of the 50 least secure US retail companies revealed that 30 of the bottom performers were clothing stores, followed by department stores and car dealerships.[1] However, the good news is that credit card fraud was down 29% during this year's Black Friday/Cyber Monday weekend, which is traditionally one of the busiest weekends for retail and e-commerce. Helpnetsecurity.com attributes this decrease in claims from retail outlets to improvements in identifying and preventing credit card fraud.[2]

We are following the three scams below that continue to plague online shoppers after the Black Friday/Cyber Monday deals.

SPOOFING GIANT ONLINE RETAIL SUPPLIERS

Cybercriminals know that more consumers are turning to online shopping rather than traditional brick-and-mortar stores for holiday gifts. Large online retailers such as Amazon, Walmart, and Apple receive the largest amount of sales and are the most targeted by scammers. The Better Business Bureau reported in early November that a legitimate-looking email, complete with logos and brand colors, from "Amazon.com" is circulating. The email attempts to convince victims to click on a malicious link, purportedly to confirm the address linked to the victim's Amazon account.[3]

PAYPAL PHISHING SCAM

PayPal phishing scams up the ante by sending alluring phishing emails via a legitimate PayPal address, service@intl[.]paypal[.]com. The email is delivered directly to victims' inboxes rather than being filtered to spam folders. HackRead.com asserts the scam's end goal is to steal PayPal login credentials, addresses, credit card data, banking data, passports, identity cards, and driver's licenses from victims. The phishing email tricks victims into thinking their billing information has changed and directs them to an unassuming link to correct their profile. However, the link brings victims to a PayPal look-alike page that collects their log-on information, asks them to enter sensitive personal data (e.g., address, phone number, date of birth, etc.), and even asks for verification of credit card details. At this time, investigators have not announced how the cybercriminals are able to use the official PayPal service email address. PayPal users should avoid using links from emails and navigate to their PayPal accounts independent of pre-suggested links. Additionally, users should verify that all PayPal sites are https secure (have the green lock present) in the address bar before logging onto their account.[4]
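Because the message described above arrives from a genuine PayPal sender address, a sender-based filter passes it; the destination of each link is what gives it away. The following is an added example, not part of the original newsletter, of a mail-gateway style check that flags links leaving the brand's domain. The function names are hypothetical and the sample message, including the look-alike host under the reserved `.example` TLD, is constructed.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

class _Links(HTMLParser):
    """Collect the href targets of <a> tags in an HTML body."""
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]

def host_in_domain(host, domain):
    """True only for the domain itself or a real subdomain (label-boundary match)."""
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def suspicious_links(raw_email, brand_domain):
    """Return links that leave brand_domain although From: claims that brand."""
    msg = message_from_string(raw_email)
    sender_host = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    if not host_in_domain(sender_host, brand_domain):
        return []  # sender does not claim the brand; outside this check's scope
    parser = _Links()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            body = part.get_payload(decode=True)
            parser.feed(body.decode(part.get_content_charset() or "utf-8", "replace"))
    flagged = []
    for href in parser.hrefs:
        url = urlsplit(href)
        # Flag non-HTTPS links and hosts that merely contain the brand name.
        if url.scheme != "https" or not host_in_domain(url.hostname, brand_domain):
            flagged.append(href)
    return flagged

# Constructed sample: genuine-looking sender, first link goes to a look-alike host.
SAMPLE = """From: PayPal <service@intl.paypal.com>
Subject: Your billing information has changed
Content-Type: text/html; charset=utf-8

<p>Please <a href="https://www.paypal.com.billing-update.example/login">review your profile</a>.</p>
<p><a href="https://www.paypal.com/myaccount">Account home</a></p>
"""

if __name__ == "__main__":
    print(suspicious_links(SAMPLE, "paypal.com"))
```

The label-boundary match in `host_in_domain` is the important detail: a substring test for "paypal.com" would accept the look-alike host in the sample.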


MOBILE SHOPPING

Shopping on mobile devices can be riskier than on a standard computer. The additional risk is due to shortened or less visible URLs (due to the smaller screen), fake apps, and small print asking for a variety of accesses (e.g., locations, pictures, account data) associated with downloading apps. Although Google Play and the Apple App Store actively remove malicious apps, some infected apps inevitably make it through the screening process. Typically these are in the form of free apps. Ars Technica reported in September that at least 50 apps in the Google Play store charged fees without users' knowledge or permission. This practice resulted in as many as 4.2 million downloads and infection of more than 5,000 devices. In this example, the malware family ExpensiveWall uploaded phone numbers, hardware identifiers, and location data to servers controlled by the attackers. The stolen phone numbers were later found to have been used to register for premium app services and to send text messages.[5]

During the holidays, mobile shopping is increasingly risky due to a bombardment of holiday-related discounts associated with downloading new apps or links to unverified webpages. To keep yourself safe, we recommend reading the following articles:

1. https://www.pcmag.com/article2/0,2817,2373131,00.asp

2. https://www.darkreading.com/risk/ten-tips-to-stay-safe-with-your-smartphone-this-holiday-season/d/d-id/1134944

3. https://www.csoonline.com/article/3197684/internet/the-modern-guide-to-staying-safe-online.html

4. https://staysafeonline.org/blog/proactive-online-safety-tips

5. https://staysafeonline.org/wp-content/uploads/2017/11/NCSA_Holiday_Shopping_2017.pdf

6. http://www.securityweek.com/its-wonderful-time-yearfor-hackers

[1] SecurityScorecard, 2017 Retail and E-Commerce Report, https://explore.securityscorecard.com/retail-cybersecurity-research-report.html

[2] Help Net Security, Credit Card Fraud is Down 29% for the First Time, https://www.helpnetsecurity.com/2017/12/01/credit-card-fraud-down

[3] Better Business Bureau, A New Scam Targeting Amazon Shoppers, https://www.bbb.org/acadiana/news-events/bbb-scam-alerts/2017/10/a-new-scam-targeting-amazon-shoppers

[4] HackRead, A Tricky PayPal Phishing Scam That Comes From Official PayPal Email, https://www.hackread.com/a-tricky-paypal-phishing-scam-that-comes-from-official-paypal-email

[5] https://arstechnica.com/information-technology/2017/09/malicious-apps-with-1-million-downloads-slip-past-google-defenses-twice

WWW.ROOT9B.COM
