Black Friday Triggers More Than 600% Rise in Attempted Retail Cyber Scams
Black Friday Triggers More Than 600% Rise in Attempted Retail Cyber Scams
CAMBRIDGE, UK, Dec. 4, 2024 /PRNewswire/ -- Darktrace, a global leader in AI for cybersecurity, today revealed a surge in retail cyber attacks at the opening of the 2024 holiday shopping season.
英國劍橋,2024年12月4日 /PRNewswire/ — 網絡安全人工智能領域的全球領導者Darktrace今天透露,在2024年假日購物季開幕時,零售網絡攻擊激增。
Analysis from Darktrace's threat intelligence team using data from across the Darktrace customer fleet shows that during Black Friday week (25th to 29th November 2024) attempted Christmas-themed phishing attacks leapt 327%1 around the world, while Black Friday themed phishing attacks jumped 692% compared to the beginning of November (4th - 9th November)2, as bad actors seek to take advantage of consumers and holiday brands during the busy shopping period.
Darktrace的威脅情報團隊使用來自整個Darktrace客戶群的數據進行的分析顯示,在黑色星期五週(2024年11月25日至29日),全球未遂的聖誕節主題網絡釣魚攻擊躍升了327%1,而黑色星期五主題的網絡釣魚攻擊與11月初(11月4日至9日)相比增長了692%2,原因是不良行爲者試圖在繁忙的購物期間利用消費者和度假品牌。
The United States retail sector faced an especially aggressive wave of cyber threats, with phishing attacks mimicking major holiday brands3 including Walmart, Target, and Best Buy increasing by more than 2000% during peak shopping periods.
美國零售業面臨着特別激進的網絡威脅浪潮,在購物高峰期,模仿主要假日品牌3(包括沃爾瑪、塔吉特和百思買)的網絡釣魚攻擊增加了2000%以上。
The analysis also highlighted the shifting attention of scammers as the festive season arrives from targeting business to consumer needs, with impersonation of major consumer brands4 growing 92% globally between the analyzed periods while mimicking of workplace focused brands5 declined by 9%.
該分析還突出表明,隨着節日季的到來,詐騙者的注意力從針對業務轉向消費者需求,在分析期之間,模仿主要消費品牌4的全球增長了92%,而對以工作場所爲中心的品牌5的模仿下降了9%。
Brands, particularly major retailers like those analyzed, invest significantly in protecting themselves and their customers from scams and cyber attacks and often step up those measures for the holiday period. However, brand impersonation in phishing occurs entirely outside retailers' legitimate infrastructure and security controls and happens at too great a volume for brands to catch and stop every instance. While new technologies, like AI, are helping security teams close the gap, brand impersonation remains a common challenge for brands.
品牌,尤其是像分析過的零售商這樣的大型零售商,在保護自己和客戶免受詐騙和網絡攻擊方面進行了大量投資,並且經常在假日期間加強這些措施。但是,網絡釣魚中的品牌冒充行爲完全發生在零售商的合法基礎設施和安全控制範圍之外,而且發生的數量太大,品牌無法捕捉和阻止每一個事件。儘管人工智能等新技術正在幫助安全團隊縮小差距,但品牌模仿仍然是品牌面臨的共同挑戰。
"The festive shopping season creates a perfect storm for cyber criminals," says Nathaniel Jones, VP of Threat Research, Darktrace. "Consumers are primed to expect floods of retail deals, while retailers are processing tremendous transaction volumes at speed. This combination makes spotting suspicious patterns more challenging than at any other part of the year. Bad actors taking advantage of that with brand impersonation is nothing new, but the rapidly growing volume of those attacks makes them a real worry. Both consumers and brands need to be increasingly alert to potential scams, but we can all take heart that big name retailers have some of the most sophisticated protections possible to help safeguard their customers, and technologies like AI cybersecurity, that spot spoofs and attacks that humans wouldn't, are catching and stopping more of these attacks than ever before."
Darktrace威脅研究副總裁納撒尼爾·瓊斯說:「節日購物季爲網絡犯罪分子帶來了一場完美的風暴。」「消費者已經做好了期待大量零售交易的準備,而零售商正在快速處理龐大的交易量。這種組合使得發現可疑模式比一年中的任何其他時候都更具挑戰性。不良行爲者利用這一點模仿品牌並不是什麼新鮮事,但是這些攻擊數量的迅速增長使他們真正感到擔憂。消費者和品牌都需要提高對潛在騙局的警惕,但我們可以振作起來,大牌零售商擁有一些可能的最複雜的保護措施來幫助保護客戶,而像人工智能網絡安全這樣的技術,可以發現人類不會出現的欺騙和攻擊,比以往任何時候都要捕捉和阻止更多的此類攻擊。」
Darktrace's findings demonstrate some of the most common brand spoofing strategies used by attackers during the holiday season. In one strategy, brand impersonation phishing, attackers send a phishing email designed to look like a favourite retailer, enticing their target to click a link for a discount, when in fact the link downloads malware to their device. The most effective attacks are multi-stage: brand impersonation emails lead unsuspecting shoppers directly to websites that look like the retailer but harvest login or payment details, creating a seamless deception that hands personal and financial data directly to attackers. This coordinated approach exploits the chaos of holiday sales, when shoppers are primed to expect high volumes of retail emails and website traffic promoting significant savings.
Darktrace的發現展示了攻擊者在假日季使用的一些最常見的品牌欺騙策略。在一種策略,即品牌模仿網絡釣魚,攻擊者發送一封看起來像最喜歡的零售商的網絡釣魚電子郵件,誘使目標點擊鏈接以獲得折扣,而實際上該鏈接會將惡意軟件下載到他們的設備上。最有效的攻擊是多階段的:假冒品牌的電子郵件將毫無戒心的購物者直接引導到看起來像零售商但收集登錄或付款詳細信息的網站,從而形成一種無縫的欺騙手段,將個人和財務數據直接交給攻擊者。這種協調的方法利用了假日銷售的混亂局面,當時購物者已經準備好期待大量的零售電子郵件和網站流量可以節省大量費用。
Five essential security measures for retailers
零售商的五項基本安全措施
With the festive season in full swing, retailers must stay vigilant against rising cyber threats. Here are five tips to help businesses protect themselves and their customers.
隨着節日的全面展開,零售商必須對日益增加的網絡威脅保持警惕。以下是幫助企業保護自己和客戶的五個技巧。
-
Make logins secure: Firstly, ensure all staff have strong passwords (12-16 characters). Set up multi-factor verification across all business systems. This extra layer of security means even if passwords are compromised, unauthorised users can't access your accounts during the busy retail period and use them to target your customers.
-
Lock down email: Call your IT team and ask them if they have DMARC switched on. DMARC stops scammers from sending emails that look like they're from your company and helps you see who is illegitimately sending from your email domain to protect your brand.
-
Prepare your team: Regular security training and business wide communications help staff identify and report seasonal scams. Focus on current threats and emerging patterns - when your team knows what to look for, they become your strongest defence against cyber attacks.
-
Monitor brand impersonation: Set up Google Alerts to track mentions of your brand and warn you of counterfeit websites and fraudulent domains. Also lock down your brand name with official registrations. This makes it easier to spot and shut down fake accounts and copycat websites. Several brand protection tools out there can help catch imposters too. Quick detection helps you respond rapidly to brand exploitation and protect your customers from sophisticated scams.
- Strengthen payment processes: Implement tiered access policies with stricter controls for finance team members who handle transactions. Apply more rigorous authentication and monitoring requirements compared to non-financial roles, ensuring sensitive payment operations are limited to authorized personnel.
- 確保登錄安全:首先,確保所有員工都有強密碼(12-16 個字符)。在所有業務系統上設置多因素驗證。這種額外的安全層意味着,即使密碼遭到泄露,未經授權的用戶也無法在繁忙的零售期間訪問您的帳戶,也無法使用它們來鎖定您的客戶。
- 鎖定電子郵件:致電你的IT團隊,詢問他們是否開啓了DMARC。DMARC阻止詐騙者發送看起來像來自你公司的電子郵件,並幫助你查看誰在從你的電子郵件域名非法發送電子郵件,以保護你的品牌。
- 讓您的團隊做好準備:定期的安全培訓和全業務範圍的溝通可幫助員工識別和舉報季節性詐騙。專注於當前的威脅和新出現的模式——當你的團隊知道要尋找什麼時,它們就會成爲你抵禦網絡攻擊的最強防禦措施。
- 監控品牌模仿行爲:設置 Google 快訊以跟蹤對您的品牌的提及,並警告您注意假冒網站和欺詐性域名。還要通過官方註冊鎖定您的品牌名稱。這樣可以更輕鬆地發現和關閉虛假帳戶和模仿網站。有幾種品牌保護工具也可以幫助捕捉冒名頂替者。快速檢測可幫助您快速應對品牌攻擊,保護您的客戶免受複雜騙局的侵害。
- 加強付款流程:實施分層訪問政策,對處理交易的財務團隊成員進行更嚴格的控制。與非財務角色相比,應用更嚴格的身份驗證和監控要求,確保敏感的支付操作僅限於授權人員。
About Darktrace
關於《暗黑追蹤》
Darktrace is a global leader in AI for cybersecurity that keeps organizations ahead of the changing threat landscape every day. Founded in 2013, Darktrace provides the essential cybersecurity platform protecting organizations from unknown threats using its proprietary AI that learns from the unique patterns of life for each customer in real-time. The Darktrace ActiveAI Security Platform delivers a proactive approach to cyber resilience with pre-emptive visibility into security posture, real-time threat detection, and autonomous response – securing the business across cloud, email, identities, operational technology, endpoints, and network. Breakthrough innovations from our R&D teams in Cambridge, UK, and The Hague, Netherlands have resulted in over 200 patent applications filed. Darktrace's platform and services are supported by over 2,400 employees around the world who protect nearly 10,000 customers across all major industries globally. To learn more, visit .
Darktrace 是網絡安全人工智能領域的全球領導者,它使組織每天都能領先於不斷變化的威脅格局。Darktrace成立於2013年,使用其專有的人工智能提供必不可少的網絡安全平台,可實時從每個客戶的獨特生活模式中學習,保護組織免受未知威脅。Darktrace ActiveAI 安全平台提供了一種主動的網絡彈性方法,可以先發制人地了解安全態勢、實時威脅檢測和自主響應,從而保護雲端、電子郵件、身份、運營技術、端點和網絡中的業務。我們在英國劍橋和荷蘭海牙的研發團隊的突破性創新已提交了200多項專利申請。Darktrace 的平台和服務由全球超過 2,400 名員工提供支持,他們爲全球所有主要行業的近 10,000 名客戶提供保護。要了解更多信息,請訪問。
1Based on analysis of 626 customer deployments and attempted phishing emails mentioning Christmas that were detected by Darktrace / EMAIL.
2Emails in the analysis mentioning 'Black Friday' or 'Cyber Monday'.
3Walmart, Target, Best Buy, Macy's, Old Navy, 1800-Flowers
4 Amazon, eBay, Netflix, Alibaba, Paypal, Apple
5Oracle, Zoom, Adobe, Microsoft Exchange, Microsoft Outlook, Microsoft Teams, Slack, WeTransfer, Docusign, Sharepoint, Linkedin, Dropbox
1基於對Darktrace/EMAIL檢測到的626封客戶部署和提及聖誕節的未遂釣魚電子郵件的分析。
2分析中提到 「黑色星期五」 或 「網絡星期一」 的電子郵件。
3沃爾瑪、塔吉特、百思買、梅西百貨、Old Navy、1800-Flowers
4 亞馬遜、eBay、Netflix、阿里巴巴、貝寶、蘋果
5甲骨文、Zoom、Adobe、微軟 Exchange、微軟 Outlook、微軟 Teams、Slack、WeTransfer、Docusign、Sharepoint、Link
SOURCE Darktrace
來源 Darktrac