Cybercriminals Easily Dupe Online Shoppers On Black Friday And Cyber Monday

More than 40 percent of consumers believe emails from ‘trusted brands’ are safe to click, and nearly a quarter of them (24 percent) anticipate doing at least part of their holiday shopping while at work.

These were the findings of a study by Tripwire – a global provider of advanced threat, security and compliance solutions – which evaluated the online cybersecurity awareness of 2,011 consumers from the UK and US.

Irresistible deals

Dwayne Melancon, CTO at Tripwire, said: “Cybercriminals are very resourceful, and they know that the siren song of a good deal is almost always irresistible to bargain hunters. The number one reason to click is trust in a brand, which isn’t good – I have seen some very convincing phishing emails and bogus websites that look nearly identical to the real thing. Shoppers need to look beyond the facade of convincing branding to make sure they aren’t being conned into clicking on a bogus link.”

Other findings from the survey included:

More than a quarter of respondents (26 percent) believe links contained in subscription emails and newsletters are ‘safe.’

23 percent believe links sent from trusted associates are safe to click.

Only 28 percent of consumers believe it is never safe to click on email shopping links.

24 percent plan to do at least some of their holiday shopping at work.

According to a recent survey from the National Retail Federation (NRF), 56 percent of holiday shoppers will do some of their shopping on the Internet this year, and many will be using apps, newsletters and email notifications to find the best deals. Unfortunately, cybercriminal activity spikes during the holiday season, and the initial stages of a cyberattack often use malicious links in emails, texts, newsletters and online apps. These malicious links point users to fake websites, which according to a Google study, can be so effective that they work an astonishing 45 percent of the time.

Despite multiple warnings from the FBI, Better Business Bureau and NRF, many consumers place too much trust in shopping links.

Ken Westin, security analyst for Tripwire, said: “Employees need to be award that anytime their computer is on their corporate network, even if they logged in through a VPN, they can put their organisation at risk by simply visiting the wrong website or clicking the wrong link in an email. Savvy attackers know that malicious links are effective, that’s one reason phishing attacks are so pervasive around the holidays. Employees should be particularly careful when checking personal email at work, or when clicking links in ads on social media sites.

Tripwire’s consumer survey was conducted by One Poll and Dimensional Research.

How much do you know about mobile payments? Take our quiz!