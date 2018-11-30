Holiday shopping prompts spike in attacks

Black Friday and Cyber Monday saw an increase in online sales activity – but there was also a massive spike in account takeovers and refund fraud.

This is according to CyberInt Research, which reveals that threat actor “chatter” indicated a 200% increase in refund fraud-related activities, including a 150% increase in discussion of compromised accounts and 90% about e-gift cards.

Chatter about attack tools – mainly credential stuffing tools – saw a 20% increase.

CyberInt also found that cyberthreat indicators averaged 30% higher than usual threat traffic over the five days – although, based on the volume of shopping, this was lower than expected.

Phishing and unofficial marketplaces on the deep web, Darknet, and the less open web had their own Black Friday and Cyber Monday sales, creating hundreds of new domains to swindle holiday shoppers.

Meanwhile, hacking forums had their own sales and discussions about the types of threats they were instigating and offering.

Refund scams and fraudulent gift cards have been increasing against individual retailers; investigations are still ongoing. Gift card samples have been purchased so the retailers and fraud managers can verify and investigate the criminals.

Retailers also faced quite a few brute force attacks, CyberInt reveals. Most were able to block them, but it required allocation of IT resources that were needed to meet online shopping demand.

Issues like this, along with the high volume in legitimate traffic, created unhappy customers. Some retailers faced as much as a 300% increase of negative content on social media from their own customers.

CyberInt expects general holiday-related cybercrime is expected to increase until 25 December, after which retailers can expect an even greater increase in refund fraud.