Seattle – November 8, 2017 – DomainTools, the leader in domain name and DNS-based cyber threat intelligence, today released the findings of its 2017 Cyber Monday Phishing Survey. The survey results highlighted that two in five U.S. consumers have fallen victim to an online phishing attack, despite the fact that 91 percent are aware of the existence of these spoofed websites or emails of trusted brands. As the holiday shopping season approaches, 92 percent of all consumers shop online and about half are planning to shop online on Cyber Monday, exposing an opportunity for malicious hackers to strike. DomainTools has illustrated its key findings in an infographic.
“Cyber Monday has grown in popularity year over year, and unfortunately, so has phishing and online counterfeiting. A range of techniques are used to trick shoppers into visiting a fake website or clicking on a malicious link. This can result in a shopper unintentionally sharing financial and personal information with these criminals or even downloading ransomware,” said Tim Chen, CEO of DomainTools. “As shoppers search for Cyber Monday deals, it’s important that they remember to look closely at links and email addresses before clicking. If something seems too good to be true, it may instead be very fake and very bad.”
According to the Anti-Phishing Working Group (APWG), nearly 119,000 unique phishing sites were detected during November 2016, with over 300 individual brands targeted that month. The brands most likely to be spoofed this November likely correspond with the most popular online retailers, which according to the survey include Amazon (82%), Walmart (36%), and Target (20%). Using DomainTools PhishEye, threat hunters identified some of the most recent brand abusing domains created by attackers in an attempt to trick unassuming online shoppers, including the following:
Consumer education remains the number one way to prevent compromises via phishing. Online shoppers should heed these tactics to safely navigate links to Cyber Monday sales that are shared via email and social media:
Be paranoid. Assume links are dangerous until decided otherwise.
Navigate directly to a company’s website instead of clicking on links in emails or social media.
Closely examine URLs and email senders for typos. Examples could include:
- extra added letters in the domain, such as Yahooo[.]com
- ‘rn’ disguised as an ‘m’, such as modem[.]com versus modern[.]com
- 1’s disguised as l’s, such as wa1mart[.]com
- added affixes, such as starbucks[.]com-latte[.]us
The DomainTools Cyber Monday Survey was conducted online between October 5-7, 2017. Survey data is available by request.
For more information on DomainTools PhishEye, please visit www.domaintools.com/products/phisheye.
DomainTools helps security analysts turn threat data into threat intelligence. We take indicators from your network, including domains and IPs, and connect them with nearly every active domain on the Internet. Those connections inform risk assessments, help profile attackers, guide online fraud investigations, and map cyber activity to attacker infrastructure. Fortune 1000 companies, global government agencies, and leading security solution vendors use the DomainTools platform as a critical ingredient in their threat investigation and mitigation work. Learn more about how to connect the dots on malicious activity at https://www.domaintools.com or follow us on Twitter:@domaintools