Beware Singles’ Day phishing

As the Chinese online shopping festival known as Singles’ Day (for the 11th of the 11th) arrives in South Africa, Kaspersky researchers have warned of a significant growth in fraudulent activities around the event.

Originally a sale day in China, Singles’ Day is now relevant to shopping globally, with some of the best deals promoted weeks before the actual holiday. Due to the popularity of Asian shopping platforms and this sale, scammers are targeting users everywhere with topical phishing scams and spam, which enables them to steal victims’ personal credentials – from email passwords to banking apps – in order to access their accounts.

Promotions for the actual sale start off a few weeks before 11/11 and so do scammers. In order to get a picture of how phishing dynamics look like ahead of the holiday, the researchers looked back into what happened in 2019. Analysis of financial phishing detections in late October and early November in 2019, a few weeks before the Single’s day, shows that the number of phishing attempts has grown significantly as the holiday was nearing, peaking at 803,000 detections on October 28, with additional peaks of attacks during the consecutive week.

The average number of detections during this period was 554,000, which is 21% higher compared to the average of 457,000 in September-October 2019.

“The last quarter of the year is the time when we start getting bombarded with sale offers – people are preparing for the holiday season well in advance and stores respond accordingly,” says Tatyana Sidorina, security researcher at Kaspersky. “Getting a good deal is always pleasant and in the turbulent times like this year, good sale offers are likely to be received by consumers even better. In the hype of this sale spree it is important to stay alert as scammers are always happy to take advantage of unwitting users and phish out their personal details, including financial information.”

To make sure your November 11 shopping spree is not spoilt by spam and phishing, Kaspersky advises, soppers should follow these recommendations:

• If you receive a link to a great offer via email, check the embedded hyperlink – sometimes it may differ from the one that is visible. If it does, access the deal page directly through the legitimate website.
• Only make purchases through official marketplaces and pay attention to the web addresses if you are redirected to them from other landing pages. If they differ from the official retailer, consider checking the offer you were redirected to by looking for it on the official web page.
• Use a security solution with behavior-based anti-phishing technologies, such as Kaspersky Security Cloud or Kaspersky Total Security, which will notify you if you are trying to visit a phishing web page.
• Never use the same password for several websites or services, because if one is stolen, all your accounts will become vulnerable. To create strong hack-proof passwords without having to face the struggle of remembering them, use password managers, such as Kaspersky Password Manager.