Magecart Strikes Again
Ticketmaster, British Airways, and Newegg have all been compromised. Who’s next? Read our research to see how we discovered the breaches.
IDG Connect: 2017 State of Enterprise Digital Defense Report
Findings quantify the security management gap and business impact of external web, social, and mobile threats.
Get the Research Report
Frost & Sullivan: The Digital Threat Management Platform Advantage
The material benefits of a platform-based approach to security outside the firewall.
Read the Report
2018 Holiday Shopping Season Threat Activity: A Snapshot
The 2018 holiday shopping season was the largest ever for online retailers, but threat actors filled their pockets, too.
So what did the threat activity around this shopping frenzy look like?
Rackspace Accelerates External Digital Threat Investigation with RiskIQ PassiveTotal
Download Case Study
EMA Radar™ Q4 2017 Report
RiskIQ ranked a technology and value leader in digital threat intelligence management.
Get the Analyst Report
This Thanksgiving weekend, online threat actors are poised to claim a pretty big slice of the e-commerce pie.
Online shoppers filled e-commerce cash registers with more than $19.6 billion in sales over Black Friday and Cyber Monday in 2017, and are poised to spend even more this year. To show how cyber threat actors will target this enormous spike in revenue, RiskIQ released its 2018 Black Friday E-commerce Blacklist, which analyzes the results of a keyword query of our Global Blacklist and mobile app database focusing on the ten most trafficked e-commerce sites during Black Friday 2017 and five of the leading e-tailers in the UK.
By setting up fake mobile apps and landing pages with fraudulent branding, they fool consumers into downloading unsafe apps and visiting pages that redirect them to other fraudulent or malicious sites. Nearly 40 percent of the massive influx of spending caused by Black Friday and Cyber Monday in 2017 took place on mobile devices, making shoppers increasingly at risk of encountering threats in the mobile space.
The threat facing e-commerce this holiday shopping season is even more grave given the rise of Magecart, a collection of digital credit card-skimming groups that have stolen the records from an untold number of consumers across thousands of sites including British Airways and Ticketmaster. One of the leading traffic-getters on Black Friday, Newegg, has already been affected by Magecart earlier this year.
Download the full report here
For shoppers, what starts as an attempt to fulfill their holiday shopping checklist for pennies on the dollar can turn into a financial nightmare. For brands, what begins as an event that significantly boosts sales can turn into a security fiasco that erodes the trust of customers and prospects. Talk about indigestion.
The report provides crucial intel for this year’s Black Friday/Cyber Monday shopping weekend, such as:
– Of Black Friday-specific apps: more than 5 percent of mobile apps out of the 4,331 total that can be found searching “Black Friday” in global app stores is blacklisted as malicious.
– Threat actors have focused on the top five leading brands in e-commerce. These brands have a combined total of 6,600 blacklisted apps that contain their branded terms in the title or description.
– The top-10 most trafficked brands averaged over 17 blacklisted apps containing both the branded terms and “Black Friday,” in the title or description, showing clear intent by threat actors to leverage the shopping holiday.
– RiskIQ has detected an average of 89,837 monthly instances of magecart, the digital credit card-skimmer, between August and October 2018.
The source of RiskIQ’s blacklists is through the collection of internet data, which it gathers by scanning, crawling, and passive-sensing the internet—including web pages, mobile apps and stores, and social websites and apps. RiskIQ’s crawling technology covers more than 300 million mobile devices, 1.8 billion HTTP sessions, hundreds of locations across the world, 40 million mobile apps, and 600 million domain records.
Read the entire 2018 Black Friday E-commerce Blacklist report here.
Webcast: Learn how #webskimming attacks work and what organizations can do to protect themselves with @RiskIQ | 4/18 @ 3:30PM ET | https://t.co/1Qe36D9NW1
Today is the deadline to file your taxes, but threat actors didn’t procrastinate. Download @RiskIQ’s 2019 #TaxSeason Threat Roundup for data and analysis around the threat landscape facing taxpayers this year https://t.co/ALAepevk15 #phishing #mobilethreats
Tax Hacks: How Seasonal Scams Cause Yearlong Problems https://t.co/QuqeibM9Xl by @kellymsheridan #taxday #taxtips #fraud #cybercrime
This #phishing page is a copy of an online IRS form for updating electronic #tax information.
A new report found 1,235 instances of similar phishing sites targeting online tax filers, and 468 suspicious URLs.
Via @forbes: Before, cyber security was practiced within the confines of the firewall, but should now traverse the entire internet https://t.co/Bg1vwGhwpp #AttackSurfaceManagement #Infosec