Application security, Malware, Threat Management

Cybercriminals, as usual, make the Naughty List

Retailers and shoppers hardly need to see Santa's Naughty or Nice list to know where most, although probably not all, cybercriminals will land this year. Some might have redeeming qualities that we are not aware of that could squeak them onto the nice list. Opening doors for senior citizens, that type of thing.

But not the majority.

Those miscreants who will wake up to coal in their stockings can probably blame part of that penalty on their Black Friday and Cyber Monday activities. Researchers are again anticipating cybercriminals will be out in force this year using many of their old tricks, along with a few new tools, to swindle companies and consumers. Since the holiday's are all about tradition, Recorded Future told SC Media that in addition to the somewhat time-honored methods, such as, phishing/smishing/spam, malvertising, pre-installed malware, POS malware, service disruption attacks and account takeovers, we may see updated POS malware such as FastPOS and possibly Mirai-based botnet attacks.

The jolly folks at AppRiver have already spotted an uptick in spam and malware traffic geared to sucker in consumers looking for a deal, some featuring incredibly cute and hard-to-resist-not-to-click babies. AppRiver expects Wednesday to be the big day for this type of attack as they will ride the huge wave of, and become confused with, the blizzard of legitimate marketing emails being sent out prior to the big shopping days. However, instead of getting a super deal the victim will be launched to a site where malware is likely to be encountered.

A sample of malvertising from AppRiver.

To avoid this consumers must keep in mind the number one rule about email deals.

“If the message sounds too good to be true, or if it looks fake, it probably is. Just junk it.”

Then there are the cyber Grinches looking to attack those out shopping in stores. Honestly, I hesitate to associate the Grinch with criminal activity. He did come around in the end and owned a really cute dog. However, the good elves at Skycure Mobile Threat Defense have listed the top 10 shopping malls around the U.S. known for risky Wi-Fi networks.

These networks have been made by actual retail outlets, albeit poorly enabling them to be grabbed by bad guys, and intentionally setup by those populating the aforementioned Naughty List.

The reason the bad guys are so interested in nailing mobile and online shoppers is that these gift givers now compromise the majority of Thanksgiving holiday. A Deloitte consumer survey found 51 percent of the money spent shopping through Cyber Monday will take place online.

So with all this in mind have a Happy Thanksgiving and spending spree from the staff of SC Media.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.