Cybercriminals are not only targeting SMEs, institutions and millions of employees working from home. Private bargain hunters who want to shop online on the coming Black Friday should also protect themselves sufficiently. Especially when they shop with the help of their work computers.

Bargain hunters need to be extra careful on Black Friday and Cyber Monday. It is not only companies and retailers that have prepared intensively for the highest holiday of online shoppers. Cybercriminals will also join forces on this day and intensively attack online retailers, their customers and payment service providers with phishing attempts. Not only the number of attacks is expected to increase significantly, but also their complexity – and thus also their dangerousness.

Cyber November: Peak season for cyber attacks

In the run-up to this year’s Black Friday, Avira Protection Labs said it noticed an “increased activity of malicious URLs”. And Zscaler Security Cloud saw a more than 400 percent increase in blocked phishing activity between the first 14 days of October and the first 14 days of November. The experts from Avira’s virus lab expect malicious URLs to increase by at least 15 percent by the end of November compared to the annual average. In the past ten months, the volume of phishing URLs collected by Avira Protection Labs has already more than doubled compared to the previous year, 2019. The peak season for fake URLs is only just beginning: In the months from October to December, 30 to 40 percent more phishing attacks take place than in the quiet summer months of June to August. This massively increases the likelihood for “Black Friday” shoppers to become victims of targeted phishing attacks.

We have seen an increase in phishing activity targeting well-known online shopping sites, phishing attacks on mobile phones, skimming attempts on websites, gift card scam sites and banking Trojans, all of which have been on the rise. The cybercriminals pick up on the increased activity of users on shopping and online payment sites and target their phishing attacks accordingly. Because rarely does so much sensitive data fly through the virtual space in connection with payment transactions as in these weeks, as the potential attackers also know.

Strike quickly instead of looking closely

The attackers proceed psychologically skillfully. They exploit a typical feature of Black Friday purchases: the auction character or the time limit of the offer. Strike quickly instead of taking a closer look – cybercriminals exploit this behavior. They are aware that many online shoppers are less vigilant in the rush to get the best deal and are more inclined to click on compromising links.

Isn’t that a private topic? Is this relevant for companies at all? Yes, because employees still use their work computers for private purposes such as online shopping or banking. Therefore, our tips are certainly also important for your employees.

Read our tips for safe online shopping for Black Friday

• Check Verify the authenticity of the URL or website. Above all, pay attention to unusual spellings of the address or even spelling mistakes.
  More Perseus know-how on: Compromising web applications
• Check Check whether shopping, e-commerce and financial websites are secured by HTTPS connections. All legitimate merchants and payment gateways use this for their transactions.
• Benefits Only secure Wi-Fi connections, and no public networks. The use of a Virtual Protocol Network (VPN) can be helpful in this regard.
  More Perseus know-how about: VPN
• Activate Use two-factor or multi-factor authentication as an extra layer of security, especially for financial transactions.
  More Perseus know-how on: Two-factor authentication
• Avoid URLs whose link has been shortened or are unknown to you – no matter how tempting the offer communicated.
  Install (or update) your operating system and web browser and apply the latest security patches.
• Activate Browser add-ons to prevent malvertisements from popping up with adblockers.
• Mistrust Subscribe to all the gift vouchers and free offers you will receive in the coming weeks. Rest assured: nothing is free. You will certainly be asked for your personal information to trigger your gift. Hands off!
• Keep Get an overview of your orders. As part of the order, it is absolutely normal to receive information from the retailer about the ordering process and delivery status. If you receive such a message as an SMS, you quickly click on the malicious link and have fallen for this smishing attack.
• Use You have a password manager that generates strong and unique passwords for you.
  More Perseus know-how about: Password managers
• Delete All emails with Black Friday messages in the subject line. If they think they’re from a credible brand, go to their website. If the offers are reputable, you will see them.
• Use Only use apps from the official stores like Google or Apple.