Carl Wearn is Head of E-crime at Mimecast. He provides threat intelligence with a special focus on email threats encountered by Mimecast, helping companies targeted by cyberattacks uncover the who and why of their attackers. He was previously the head of the Operational Development Team at the UK’s Metropolitan Police’s Falcon Fraud and Cybercrime Command, where he was responsible for all performance, intelligence, and other support functions of the Command, including specialist investigations of high-value cyber-related fraud.
Don’t become a Black Friday statistic
In the rush to grab a great Black Friday deal, many customers lower their guard and leave an opening for cybercriminals to steal their personal information. But there are steps you can take to minimise the danger.
Last November, the Australian Bureau of Statistics (ABS) recorded the highest online retail turnover in 2018. This November the spend is expected to be even higher. As the biggest shopping month of the year has now started, the pressure to buy the latest trending gifts for Xmas can lead to inadvertent mistakes being made online and your email being compromised.
We asked Mimecast’s Head of E-Crime Carl Wearn how everyone can stay protected in the run-up to Black Friday and what scams to look out for.
Are we all our own worst enemy in the run up to Black Friday as we fear missing out on the best deals?
The preparation for this shopping day can be stressful and time-sensitive for both businesses and customers. This significantly heightens the risk of human error, causing or allowing a breach or fraud; a significant factor that contributes to 90% of all breaches. The internet has supercharged this shopping frenzy and facilitates the promotion of sales and discounts.
Are Australia/New Zealand more at risk to scams than other regions?
Criminals are no different in the reach they are trying to get. As nothing is normally sent out it’s immaterial to them where a victim might be and where their credentials are from. That said, Australia has an increased risk due to the increased targeting of wider English language domains and markets.
How prevalent are fake sites? Why do search engines promote scam sites?
Setting up web page domains is quick and easy and there are ways to game search engine algorithms to increase your search ranking. Criminals are well-aware of these techniques; at any-time, there are likely to be hundreds, if not thousands, of these sites and it’s unfortunately very much a “whack-a-mole” kind of situation. They may not necessarily be based in Australia but are likely to offer worldwide shipping. Criminals will steal your money and will not provide any goods “purchased”. In addition, they have stolen your credentials and can commit further fraud using them. Police will often shut down these websites when informed of them but it isn’t difficult for criminals to reinstate them using a new hosting service or name.
How do criminals use website spoofing?
Whole websites can be effectively copied or mirrored and set-up utilising a very similar URL to the original or an obfuscated one in the title bar. Obfuscation can include an extremely lengthy URL with the actual site being linked to only being apparent at the very end of it. Mobile users are particularly vulnerable to this as their browsers are unlikely to display complete URLs. The sites linked to can deliver malicious content or malware when visited, but more commonly they steal credentials via a user’s attempts to log in.
How can consumers check such websites?
A WhoIs search to check how recently a site was set-up can assist. In many cases, a fake site can be easy to spot as they will already have information on the homepage section stating it has only been online since 2019. For all intents and purposes, it will appear to be a genuine home-based website – it may even have a secure payment method attached to it. The lack of online reviews for any website and the extreme levels of discounts are normally the red flags that should make customers think twice.
What other scams will feature as we head to Black Friday?
Customers who are busy shopping and using their mobile devices should be wary of using any public Wi-Fi as these are inherently insecure connections. Any secure or password-protected apps you use over these connections can easily be intercepted and the information stolen. If you’re using cards to purchase online or in-store, it is preferable to use a credit card for the purchase as the money is not immediately withdrawn from your account and it is often easier to remediate fraudulent transactions with a credit card company. Also, be particularly wary of any email or other electronic communications that relate specifically to parcel deliveries and links to or requests for additional information. These are very likely to be malicious emails sent to steal your credentials or infect your devices with malware to allow other criminal activity.
What should people be looking out for to protect themselves?
What are the best ways to avoid scams? Be wary of any discounts or offers made over email or by any other means of electronic communication as these could contain malware or links to infected or spoofed websites. Be particularly wary of any email or other electronic communications that relate specifically to the delivery of items and which may contain links or requests for additional information. Be very careful if purchasing from retailer websites that appear to have set up very recently, particularly within the last few weeks, as these are highly likely to be criminally-operated sites set up specifically to take advantage of consumers on Black Friday. They will appear to offer considerable discounts but these will sadly be too good to be true. Research online reviews and if in any doubt use a more trusted and better-reviewed retailer.
Once the shopping is done, keep a close eye on your bank and card statements for any unexplained or suspicious usage which you are unable to account for. Be particularly wary of any unexplained, very low-value usages as this may indicate that criminals are seeking to exploit your card over the longer term and are testing its usability.