Press Releases

A third of the UK plans to grab a bargain this Cyber Monday

London, UK – November 8, 2017 DomainTools, the leader in domain name and DNS-based cyber threat intelligence, today announced the results of a survey which found that nearly all (98 percent) of the UK population shops online and nearly a third (29 percent) plans to shop on Cyber Monday. This is despite the fact that one in five admitted to having already been caught out by an online scam. With this in mind, DomainTools wants to remind the UK to shop with caution and has provided tips for avoiding Cyber Monday scams.

According to Tim Chen, CEO of DomainTools, “Cyber Monday has grown in popularity year over year, and unfortunately, so has phishing and online counterfeiting. A range of techniques are used to trick shoppers into visiting a fake website or clicking on a malicious link. This can result in a shopper unintentionally sharing financial and personal information with these criminals or even downloading ransomware. As shoppers search for Cyber Monday deals, it’s important that they remember to look closely at links and email addresses before clicking.”

Cyber Monday, the online international shopping spree which follows the better-known Black Friday, falls on November 27. On Cyber Monday 2016 consumers spent approximately £1.9bn online, which represents a 21 percent increase over 2015. “Email, in-app advertising and SMS campaigns are popular with big brands during the busiest shopping time of the year as a way to let consumers know about deals and the latest products,” said Chen. “The trouble is, cyber criminals take advantage of this form of communication by combining look-alike branding with a deceptive domain name. They’re able to reach a broad audience and it only takes a few unsuspecting consumers to result in a successful phishing or malware campaign.”

When asked if they had ever clicked on a link or email that turned out to be a scam, a fifth of survey respondents admitted that they had. When asked what happened as a result, over a quarter (27 percent) of victims’ computers were infected with viruses. In addition, 12 percent had their credit card information stolen and a further 10 percent were tricked into buying a false product. Moreover, nearly a quarter know of someone else who has purchased fake goods from a website that they thought was legitimate.

The brands most likely to be spoofed this November likely correspond with the most popular online retailers, which according to the survey include Amazon (87%), Argos (46%) and Tesco (35%). Using DomainTools PhishEye, DomainTools identified some of the most recent brand abusing domains created by attackers in an attempt to trick online shoppers, including the following:

Cyber Monday DomainTools

Chen explained how looks can be deceiving—many illegitimate sites look virtually identical to the real thing. This is where looking closely at the URL can make a real difference for staying safe online. Online shoppers should heed these tactics to safely navigate links to Cyber Monday sales that are shared via email and social media:

Be paranoid. Assume links are dangerous until decided otherwise.

Navigate directly to a company’s website instead of clicking on links in emails or social media.

Closely examine URLs and email senders for typos. Examples could include:

  • extra added letters in the domain, such as Yahooo[.]com
  • ‘rn’ disguised as an ‘m’, such as versus
  • 1’s disguised as l’s, such as wa1mart[.]com
  • added affixes, such as starbucks[.]com-latte[.]us

Notes to editors:

  • This survey was carried out by OnePoll in October 2017 and studied the attitudes of 1000 consumers in the United Kingdom.
  • The full findings of the survey are available upon request.

About DomainTools

DomainTools helps security analysts turn threat data into threat intelligence. We take indicators from your network, including domains and IPs, and connect them with nearly every active domain on the Internet. Those connections inform risk assessments, help profile attackers, guide online fraud investigations, and map cyber activity to attacker infrastructure. Fortune 1000 companies, global government agencies, and leading security solution vendors use the DomainTools platform as a critical ingredient in their threat investigation and mitigation work. Learn more about how to connect the dots on malicious activity at or follow us on Twitter:@domaintools