As online shopping soared this past holiday season, data from RiskIQ identified numerous “blacklisted” apps and URLs aimed at swindling consumers. The goal of the research is to reveal e-commerce threats and vulnerabilities, and help brands and retailers mitigate these issues.
RiskIQ said it identified more than 1.8 million blacklisted URLs that contained various holiday terms during the holiday selling period. There were also 72 incidents of domain infringement “across the top 10 e-commerce sites…trying to trick e-commerce customers into clicking on malicious sites,” RiskIQ noted in its report.
RiskIQ also detected more than 2,600 online credit card skimmers during the fourth quarter while also discovering more than 1,100 malicious apps. The authors of the report said there were “72 highly concerning blacklisted apps” that contained both “branded terms of the top 10 e-commerce web sites and holiday terms in the title or description.”
The company said online sales rose 13 percent this past holiday with Black Friday and Cyber Monday soaring 17 and 19 percent, respectively. “And for every dollar that consumers spend shopping online, bad actors are looking to capitalize,” RiskIQ stated in their report.
“Hackers capitalize by using the brand names of leading e-tailers, as well as the poor online security hygiene of consumers,” authors of the report said. “They fool shoppers eagerly searching for Black Friday deals, sales and coupons by creating fake mobile apps and landing pages. These tactics trick users, unknowingly, into downloading malware, using compromised sites, or giving up their login credentials and credit card information.”
Other key findings from the company, which offers solutions to mitigate online risk, include that 58 percent of the e-commerce traffic on Black Friday was on smartphones. And that 24 percent of consumers, “unknowingly downloaded an app outside of the Google Play and Apple App stores” while 38 percent of consumers did not “read or are unsure if they read the permissions before downloading an app.”