DomainTools, the leader in domain name and DNS-based cyber threat intelligence, today announced the results of a survey which found that nearly all (98 percent) of the UK population shops online and nearly a third (29 percent) plans to shop on Cyber Monday. This is despite the fact that one in five admitted to having already been caught out by an online scam. With this in mind, DomainTools wants to remind the UK to shop with caution and has provided tips for avoiding Cyber Monday scams.
According to Tim Chen, CEO of DomainTools, “Cyber Monday has grown in popularity year over year, and unfortunately, so has phishing and online counterfeiting. A range of techniques are used to trick shoppers into visiting a fake website or clicking on a malicious link. This can result in a shopper unintentionally sharing financial and personal information with these criminals or even downloading ransomware. As shoppers search for Cyber Monday deals, it’s important that they remember to look closely at links and email addresses before clicking.”
Cyber Monday, the online international shopping spree which follows the better-known Black Friday, falls on November 27. On Cyber Monday 2016 consumers spent approximately £1.9bn online, which represents a 21 percent increase over 2015. “Email, in-app advertising and SMS campaigns are popular with big brands during the busiest shopping time of the year as a way to let consumers know about deals and the latest products,” said Chen. “The trouble is, cyber criminals take advantage of this form of communication by combining look-alike branding with a deceptive domain name. They’re able to reach a broad audience and it only takes a few unsuspecting consumers to result in a successful phishing or malware campaign.”
When asked if they had ever clicked on a link or email that turned out to be a scam, a fifth of survey respondents admitted that they had. When asked what happened as a result, over a quarter (27 percent) of victims’ computers were infected with viruses. In addition, 12 percent had their credit card information stolen and a further 10 percent were tricked into buying a false product. Moreover, nearly a quarter know of someone else who has purchased fake goods from a website that they thought was legitimate.
The brands most likely to be spoofed this November likely correspond with the most popular online retailers, which according to the survey include Amazon (87%), Argos (46%) and Tesco (35%). Using DomainTools PhishEye, DomainTools identified some of the most recent brand abusing domains created by attackers in an attempt to trick online shoppers, including the following:
| Amazon | Argos | Tesco |
| amaznn[.]info | argox[.]org | tescouk-online[.]com |
| amazon.of[.]by | args.co[.]uk | tescorx[.]com |
| amazo[.]nz | agros[.]hu | tescobanks[.]com |
Chen explained how looks can be deceiving—many illegitimate sites look virtually identical to the real thing. This is where looking closely at the URL can make a real difference for staying safe online. Online shoppers should heed these tactics to safely navigate links to Cyber Monday sales that are shared via email and social media:
- Be paranoid. Assume links are dangerous until decided otherwise.
- Navigate directly to a company’s website instead of clicking on links in emails or social media.
- Closely examine URLs and email senders for typos, Examples could include:
- extra added letters in the domain, such as Yahooo[.]com
- ‘rn’ disguised as an ‘m’, such as modem.co.uk versus modern.co.uk
- 1’s disguised as l’s, such as wa1mart.com
- added affixes, such as the “com-” in a domain like starbucks.com-latte[.]us
