The Anti-virus Times

Tuesday, November 23, 2021

Black Friday is an annual holiday for all the world’s shopaholics. Stores announce such abnormal discounts that many people postpone making large purchases until the last Friday of November. Of course, if everything is really as good as it looks in an ad, we wouldn't have prepared this issue. In reality, the global sale is closely related to cybercriminals. The Anti-virus Times editorial staff is here to remind you about the security rules that apply during periods of mass discounts.

Good old phishing

Large discounts — big problems. There are always people who want to make money on the general "panic", no matter whether the reason behind it is "positive" or "sad". In the midst of the pandemic, cybercriminals sent out phishing emails containing "recommendations from the World Health Organization". And, for criminals, global sales are a very tempting morsel. A suspiciously large number of dangers are associated with Black Friday, but first things first. First, let's consider the most popular scenario — fake pages.

During sale days, official store website traffic is abnormalised to an incredible degree because everyone wants to know how much prices have been lowered. Attackers gladly take advantage of this: by the end of November, a huge number of fraudulent sites appear in search results. We talk about this quite often, but if sites exist, then someone is making money off of them, and our duty is to warn you about possible the consequences.

Of course, personal data leakage is the worst thing that can happen. You can be sure that by entering your bank card number, first name, last name and email on such phishing sites, you are voluntarily giving valuable information to cybercriminals. And it is hard to say what will happen with it next. Perhaps, the fraudster will use the data, or maybe they will sell it right away. In addition, it is quite likely that the received "loot" will be forgotten for a little while, and the cybercriminals will try to steal your funds or gain access to your accounts only sometime later. For example, your data could be leaked a few years later.

To avoid criminals' tricks, check the address bar carefully before making a purchase on a site. An extra letter or another incorrect symbol in an address can come at a price. Make sure that the official page is indeed official: the URL is correct, certificates are present, and online banking is enabled.

Often as soon as Black Friday starts, just after midnight, people forget about these nuances and become victims of cybercriminals. If our web analysts consider some webpage to be suspicious, you will most likely not be able to visit it if your system is protected by our anti-virus. We regularly block access to phishing sites, so we advise our users to make sure that Dr.Web is enabled and working at full capacity.

Cashbacks and promotional codes

Cashback is a great opportunity to get some money back for a purchase. Almost all popular stores, banks, pharmacies and other organisations use this function. Some stores return cashback in the form of special points, others return real money.

Hackers, of course, in this situation, did not miss the chance to earn extra money. Sometimes, the desire of buyers to save several dollars can result in the loss of tens and hundreds of thousands of dollars withdrawn from a bank card.

During Black Friday, many websites appear that offer special promotional discount codes. This is a good tool; be sure to use it—but wisely. There is nothing wrong with distributing promotional discount codes or an increased cashback—this is common practice and you should not resist it.

However, you still need to be as careful as possible. Cybercriminals have come up with a scheme: they supposedly offer a discount, but only if you buy a product by following their link. In addition, they also promise to "return" almost half of the purchase price as cashback. This year, we wrote in more detail about this in our April review. In practice, it turns out that the promotional code is inactive, the product was forgotten in a warehouse, and the store does not exist at all.

The call to buy something using a unique link here and now sounds dangerous. In fact, this is the very same conventional phishing, but in a new wrapper. Even during a hot sale period, buy products only on official websites. Always be careful and see through the trick.

Mail threat

Also, during periods of mass discounts, you should especially carefully filter your mailbox. Companies notify users of upcoming discounts at the beginning of November. You must be careful to distinguish a fraudulent email from a real one. See who signed it, what it offers and from which address it was sent.

Here, we are again dealing with phishing, which works pretty much the same everywhere. The key difference in the schemes is how a potential victim ends up on a fraudulent site. The mail method is also intended for careless users; it leads to a suspicious page and promises everything under the sun.

Don't forget about other mail threats. For example, an attacker can add an attachment to an email that, when opened, compromises your device or browser.