Who's that Knocking at the Front Door?

New Survey Reveals US and UK Consumers at Risk This Holiday Shopping Season

Among the most important aspects of combatting cybercrime are intelligence sharing and education. As part of the information security community, we are committed to supporting intelligence gathering and collaboration across businesses, government agencies and consumers. If you are a person with a computer, you’re a target, so it is important to be educated on the latest cyber threats. While most of our work centers on supporting organizations, we want to build awareness and education on this front and help arm individuals with the skill set necessary to avoid falling victim.

One attack vector that has grown exponentially in the past few years is email phishing. Phishing attacks prey on human habits such as pattern recognition and distraction. While emails sent from Nigerian princes are easy to spot, today you’re much more likely to receive a note purportedly from a www[.]amaz0n[.]com that tricks you into sharing personal or financial information, or into purchasing fake goods online.

As Cyber Monday is one of the most popular shopping days of the year, we surveyed 1,000 U.S. consumers and 1,000 UK consumers. The purpose of this survey was to get a pulse on how many people are aware of cyber phishing scams, how many have been deceived, and at what cost. The results show that while overall awareness is high – more than 90 percent of respondents are familiar with phishing – the cleverness of the schemes have made victims out of 39 percent of U.S. shoppers and 20 percent of UK shoppers. Many said they have been duped more than once.


Phishing scams occur when hackers send emails or set up websites that look like trusted brands, but are actually spoofed sites created with the goal of trying to trick shoppers into sharing personal information or buying fake products. Are you aware of these scams?


Have you ever clicked on a link or email that you thought was from atrusted brand only to find out that it was an attempted scam?


Has this happened more than once?

Consequences of phishing attacks can be devastating. Both in the U.S. and the UK, computer viruses, stolen credit cards and breached personal information have been common results of such attacks.


Thinking of the last time that you clicked on a link / email that you thought was from a trusted brand / person only to find out it was an attempted scam, what happened as a result of this?


Have you ever had your banking information or credit card information stolen and used based on an online purchase?


As more consumers move to online shopping, criminals will continue to strike on high performance days and spoof trusted brands. This year, 92 percent of U.S. consumers have shopped online regularly and nearly half are planning to shop on Cyber Monday. While Cyber Monday isn’t as popular yet in the UK, nearly 80 percent shop online at least once per month.


How often do you shop online?


Are you planning to shop during Cyber Monday


The brands most likely to be targeted this November may correspond with the most popular online retailers. According to the surveys, this includes Amazon (82%), Walmart (36%) and Target (20%) in the U.S., and Amazon (88%), Argos (46%) and Tesco (35%) in the UK.


Which websites have you purchased from over the last 12 months?


A few examples of domains recently created spoofing top retailers


In the spirit of information sharing, we created an infographic that illustrates some of the most surprising results from the surveys, as well as several tactics to safely navigate links to Cyber Monday sales that are shared via email and social media. Let us know what you think of the results and share your tips and tricks for safe online shopping in the comments below.