Kaspersky researchers have reported on a sharp increase in fraudulent activities around e-commerce during an active sales period in Asian countries – Singles’ Day (November 11). While Singles’ Day originates from China, it is now relevant to users of e-marketplaces all over the world. Pre-holiday promos and sales on global Asian platforms are welcomed internationally, and scammers are now targeting users in different languages.
Our researchers detected a spike in financial phishing attacks before the big Singles’ Day sale in 2018. As can be seen from the graph below, the average number of financial phishing attacks fluctuated at around 350,000 per day in October. Then, a couple of days before November 11, 2018, the spike in attacks reached more than 950,000. The researchers are also witnessing similar spam and phishing attacks at the moment and urge everyone to be careful with their purchases.
Apart from that, Kaspersky researchers have found some threats in mobile apps that were disguised as popular e-commerce platforms. The share of shops that have special offers for Singles’ Day is traditionally high. In 2019, 83% of the online shops were pretending to be Asian marketplaces, while in 2018 the number reached 93%.
“While Single’s Day is the best time to shop, as discounts and promotions are well-advertised to users, this is also a peak time for phishers and spammers. Fraudsters become more active during this period. In the pursuit of great discounts and limited offers, people lose their vigilance and are less likely to distinguish a phishing website from a legitimate one. However, such things should not be an obstacle for those hunting the best offers. Consumers have nothing to worry about if they follow the rules of basic cybersecurity hygiene, so good luck to everyone in finding the greatest deals of the year,” comments Andrey Kostin, a security researcher at Kaspersky.
To make sure your November 11 is not marred by spam and phishing, follow this simple advice:
- If you receive a link to a great offer via email, make sure to check the embedded hyperlink – sometimes it may differ from the visible one. If it does, access the deal page directly through the legitimate website;
- Only make purchases through official marketplaces and pay attention to the web addresses if you are redirected to them from other landing pages. If they differ from the official retailer, consider checking the offer you were redirected to by looking for it on the official web page;
- Use a security solution with behaviour-based anti-phishing technologies, such as Kaspersky Security Cloud or Kaspersky Total Security, which will notify you if you are trying to visit a phishing web page;
- Never use the same password for several websites or services, because if one is stolen, all your accounts will be made vulnerable. To create strong hack-proof passwords without having to face the struggle of remembering them, use password managers, such as Kaspersky Password Manager.