This Black Friday and into next week, shoppers will inevitably be lured to fake websites for '60% off iPhone X' or a 'last in stock' super deal fraudulent campaign. Mostly via phishing emails and increasingly via expertly crafted login pages, making you think you are logging into a valid site.
If you fail to notice the web login page is fake, typically hackers receive your login details and/or credit card information. Your stolen login details including username and password, together with your and personal information are then used to carry out fraudulent activities. Simple phishing campaigns can use an almost identical copy of a login page for Social Media platforms, e.g. Facebook, or search engines, e.g. Google, plus a variety of popular retailers and banks, etc. Often using typos in domain names, whilst still using a secure certificate, with a malicious PHP script to send home the details captured.
However, at this time of year the sophisticated and 'long game' players in organised cyber-crime will have pre-planned a deeper trap. Often embedding within the file structure of a web site. Black Friday to Cyber Monday is a promotion lasting at least a week. Notwithstanding the malware, credit card skimming inject, at the checkout to steal your credit card details. Taking advantage of web site extensions, embedding malware e.g. a backdoor alongside a key logger many months ago to bridge access and exfiltrate data at will. Successful campaigns and sources are tweaked in terms of the messaging and left in play throughout the forthcoming holiday season. This is big business every year.
Compromised website owners will see a performance impact and under normal circumstances this would raise alarms. In the midst of high volume transactions for Black Friday could be missed. In fact 'unwanted software' installed on websites by nefarious means has been an issue for years, with Google publishing the typical characteristics for website owners to look out for.
If you believe you have been a victim of a phishing campaign, here some tips for you;
- Change your passwords
- Adopt a multi-factor authentication
- Regularly review your bank account for unusual transactions
- Block the cards used for online transactions
- Contact the site where the phishing page originated
There is an old adage, "if it looks too good to be true, it always is", even on Black Friday!
Visit qa.com/cyberfor more information on how they can help solve the Cyber Security skills gap.

Richard Beck
Richard Beck is Director of Cyber at QA. He works with customers to build effective and successful learning solutions tailored for business needs, helping to solve business problems. Richard has designed and architected numerous enterprise and nationwide cyber programmes for QA customers. Responsible for the QA cyber portfolio, products, proposition and cyber partner community. He has over 15 years' experience in senior Information Security roles.More articles by Richard
The Future of Cyber-Enabled Fraud
Deepfake, biometrics and artificial intelligence, QA's Cyber Practice Director, Richard Beck, takes a look at the future of c…
15 March 2023Cyber Pulse: Edition 189 | 05 August 2022
In this week's blog post: Blockchain platform Solana breached - $8 million and counting, Cryptocurrency service drained of $2…
05 August 2022Cyber Pulse: Edition 188 | 27 July 2022
In this edition: Hackers steal $6 million from blockchain music platform, GoMet Backdoor Used in Attacks Targeting Ukraine, C…
27 June 2022Cyber Pulse: Edition 187 | 18 July 2022
In this edition: Lithuania experience geopolitical motivated cyber attacks, Germany bolsters defences against Russian cyber t…
18 June 2022Cyber Pulse: Edition 186 | 23 June 2022
In this edition: PowerShell Advisory from National Security Agency (NSA), Ukrainian cybersecurity officials exposed two new h…
23 June 2022Cyber Pulse: Edition 185 | 23 May 2022
In this edition: Pro-Russian hackers target Italian institutions, Canada bans Huawei and ZTE 5G and 4G equipment, Greenland s…
23 May 2022Cyber Pulse: Edition 184 | 13 May 2022
In this edition: German automotive companies targeted, Docker attacks linked to cryptominers, HP & Intel announce patches for…
13 May 2022Cyber Pulse: Edition 183 | 29 April 2022
In this edition: More than $13 million in crypto stolen, cryptomining campaign has been targeting Docker APIs, Microsoft repo…
29 April 2022Cyber Pulse: Edition 182 | 22 April 2022
In this edition: APT Group targeting blockchain and crypto industry, ransomware targets ProxyShell weakness in MS Exchange Se…
22 April 2022Cyber Pulse: Edition 181 | 13 April 2022
In this edition: Hackers steal $320,000 in Cryptocurrency from NFT & Crypto community platform, ICS-capable malware targets a…
13 April 2022