The annual Black Friday/Cyber Monday sales offer incredible opportunities, but they are also peak days for financial phishing attacks – and consumers are significantly safer on ‘Grey Saturday’, when the number of such attacks drops by up to a third despite it being a top shopping day. Grey Saturday was identified during Kaspersky Lab’s annual review of new financial phishing attacks detected during the holiday sales season.
Kaspersky Lab’s review found signs of Grey Saturday attack dips in both 2016 and 2015. In 2016 there was a decline of 33 per cent in the number of attacks using popular online retail and payment brands (from around 770,000 to 510,000 detections), despite it being the second biggest shopping day in some countries, such as the U.S.
The change in the number of phishing attacks using names of popular retail, banking and payment brands during Black Friday week in 2015 and 2016 (data from all Kaspersky Lab security components – heuristic, offline and cloud detections)
It represents a rare moment of respite from the cybercriminals in an ever busier holiday shopping season that now runs from October through December. Traditionally distributed by email, phishing attacks now also lure consumers through weblinks, banners, social media and more, persuading them to part with their personal financial data in the belief they are dealing with a reputable, known brand.
“The rise in people using online payments, banking and shopping means that financial phishing attacks are now consistently high all year round, but the holiday season makes it so much easier to hide in the noise. At this time of year, marketing and advertising levels go through the roof, and with consumers increasingly making their transactions on mobiles – probably while out and about and in a hurry – almost everyone is more exposed and has less time to think and check. On Grey Saturday the number of attacks drop significantly. Weekends generally see lower numbers of attacks and fewer people online – but on this big shopping day that’s an extra advantage. We expect this trend from 2016 to continue in 2017, so if you plan on shopping online these holidays, choose the day wisely,” said Nadezhda Demidova, Lead Web-Content Analyst, Kaspersky Lab.
Other findings of the report include:
In order to stay protected while shopping online – on any day – Kaspersky Lab offers the following advice:
Kaspersky Lab’s holiday season financial phishing overview is based on information gathered by Kaspersky Lab’s heuristic anti-phishing component that activates every time a user tries to open a phishing link that has not yet been added to Kaspersky Lab’s database.
To learn more about the latest holiday season phishing trends and examples, please see the Beyond Black Friday Kaspersky Lab Threat Report on Securelist.