A record number of fake, malicious shopping websites are popping up before the holidays, according to researchers at Check Point. The sites most likely are being made in hopes of enticing unsuspecting customers looking for Black Friday and Cyber Monday deals, Check Point says.
“Since the beginning of October 2021, CPR researchers witnessed the highest amount of malicious websites related to shopping and sales offers,” Check Point says. “On average, over 5,300 different websites per week were spotted, marking a 178% increase, compared to the average in 2021, thus far.”
Check Point gives the following tips for a threat-free online shopping experience:
- “Always shop from an authentic, reliable source. Do not click on promotional links you get over email or social media. Proactively Google search your desired retail or brand.”
- “Be attentive for lookalike domains. You should notice spelling accuracy in emails or websites, and note unfamiliar email senders or peculiar email addresses you receive promotions from.”
- “Too good to happen shopping offers are indeed too good to happen. A new iPad will NOT go on an 80% discount this season, unfortunately.”
- “Always look for the lock. Making an online transaction from a website that does not have secure sockets layer (SSL) encryption installed is an absolute NO-GO. To know if the site has SSL, look for the “S” in HTTPS, instead of HTTP. An icon of a locked padlock will appear, typically to the left of the URL in the address bar or the status bar down below. No lock is a major red flag.”
- “Always be attentive to password reset emails, especially when volumes of traffic online are at a peak, like the November shopping season, If you receive an uninvited password reset email, always visit the website directly (don’t click on embedded links) and change your password to something different on that site. Not knowing your password is, of course, the problem that cybercriminals face when trying to gain access to your online accounts. By sending a fake password reset email that directs you to a lookalike phishing site, they can convince you to type in your account credentials and send those to them.”
Read the full Check Point story by clicking HERE.