Your organization’s leadership is 12 times more likely to be the target of a security incident and nine times more likely to be the target of a data breach than they were last year. Find out how they can be protected.
Read the Datasheet
Gift Cardsharks: The Massive Threat Campaigns Circling Beneath the Surface
Learn about the attack group primarily targeting gift card retailers and the monetization techniques they use.
Get the Report
Threat Hunting Workshop Series
Join one of our security threat hunting workshops to get hands-on experience investigating and remediating threats.
Attend an Upcoming Workshop
Inside Magecart: New RiskIQ & Flashpoint Research Report
Learn about the groups and criminal underworld behind the front-page breaches.
Threat Hunting Guide: 3 Must-Haves for the Effective Modern Threat Hunter
The threat hunting landscape is constantly evolving. Learn the techniques, tactics, and tools needed to become a highly-effective threat hunter.
This Thanksgiving weekend, you can be sure that cybercriminals will be getting their fill, too.
In 2018, Black Friday pulled in a record $6.2 billion in online sales, a growth of 23.6% from 2017. Then, Cyber Monday became the most popular day for e-commerce sales ever, amassing $7.8 billion. With online spending this Black Friday and Cyber Monday projected to set yet another record in 2019, cyberattackers are showing that they’re out to get a piece of the online shopping pie.
Already, these bad holiday actors are impersonating the brands of leading e-tailers, as well as the poor security habits of consumers, to fool shoppers looking for Black Friday deals, sales, and coupons. They’re creating fake mobile apps and landing pages to trick users into downloading malware, using compromised sites, or giving up their login credentials and credit card information.
Meanwhile, Magecart, a rapidly growing cybercrime syndicate comprised of dozens of subgroups that specialize in cyberattacks involving digital credit card theft by skimming online payment forms, will thrive over Black Friday and Cyber Monday. Magecart is responsible for placing skimmers on scores of e-commerce sites, and RiskIQ is alerted to new Magecart breaches hourly. With this influx of e-commerce activity, Magecart actors will be working overtime.
To compile crucial intelligence for both consumers and brands around this season’s Thanksgiving shopping weekend, RiskIQ developed our 2019 Black Friday E-commerce Blacklist report. The report analyzes the results of keyword queries of our Global blacklist and mobile app database, RiskIQ’s extensive repositories of cyber threat data compiled over ten years of crawling and passive sensing the web. Specifically, we looked at the ten most trafficked* e-commerce brands over Thanksgiving weekend.
As complementary findings to this data, the report includes a survey of 1,000 U.S. online shoppers about their habits and attitudes related to safe online shopping. The results showed troubling trends that play into the schemes cyber threat actors will use over Black Friday and Cyber Monday.
For shoppers looking to score great deals while filling out their holiday shopping list, one misinformed action can result in a malware infection, stolen personal data, or a hijacked credit card number. For brands, what begins as an event that significantly boosts sales can turn into a security fiasco that erodes the trust of customers and prospects.
The report’s cyber threat findings include:
Consumer findings include:
*based on 2017 site traffic over Thanksgiving Weekend
For these insights and much more, download the 2019 RiskIQ Black Friday E-commerce Blacklist Report here.
RiskIQ is the leader in attack surface management. We help organizations discover, understand, and mitigate exposures across all digital channels.
Wondering where to spend your Monday night at #RSAC 2020? Look no further! RSVP now to come celebrate with Flashpoint, @elastic, @ThreatQuotient, @Siemplify, and @RiskIQ at IGNITE! http://bit.ly/2VrsOpJ
Tomorrow: Stop by the @CrowdStrike booth at 11:30 to see the RiskIQ Illuminate app in action! It analyzes CrowdStrike endpoint coverage and compares it to RiskIQ's unmatched external data to provide a 360-degree view of your attack surface: https://bit.ly/2ujagwt #RSAC2020
The RiskIQ Illuminate app for @CrowdStrike shows your organization's security visibility gaps by analyzing CrowdStrike endpoint coverage and comparing it to @RiskIQ's view of your digital attack surface https://bit.ly/2HFXStG
🛡️#CyberSecurityBrief #Alert: @FTC Refunds Victims Of @OfficeDepot Tech Support Scam via @BleepinComputer @AthertonLab #CyberSecurity #InfoSec #Malware #Ransomware #DDoS #DataBreach #ITsecurity #CyberThreats #CloudSecurity #CyberSecurityInsights https://cybersecurityinsights.substack.com/p/your-friday-morning-cybersecurity?r=63k3&utm_campaign=post&utm_medium=web&utm_source=twitter