RiskIQ’s 2019 Black Friday E-commerce Blacklist Report: Crucial Intel for Thanksgiving Weekend

This Thanksgiving weekend, you can be sure that cybercriminals will be getting their fill, too.

In 2018, Black Friday pulled in a record $6.2 billion in online sales, a growth of 23.6% from 2017. Then, Cyber Monday became the most popular day for e-commerce sales ever, amassing $7.8 billion. With online spending this Black Friday and Cyber Monday projected to set yet another record in 2019, cyberattackers are showing that they’re out to get a piece of the online shopping pie.

Already, these bad holiday actors are impersonating the brands of leading e-tailers, and exploiting the poor security habits of consumers, to fool shoppers looking for Black Friday deals, sales, and coupons. They’re creating fake mobile apps and landing pages to trick users into downloading malware, using compromised sites, or giving up their login credentials and credit card information.

Meanwhile, Magecart, a rapidly growing cybercrime syndicate composed of dozens of subgroups that specialize in digital credit card theft by skimming online payment forms, will thrive over Black Friday and Cyber Monday. Magecart is responsible for placing skimmers on scores of e-commerce sites, and RiskIQ is alerted to new Magecart breaches hourly. With this influx of e-commerce activity, Magecart actors will be working overtime.

To compile crucial intelligence for both consumers and brands around this season’s Thanksgiving shopping weekend, RiskIQ developed our 2019 Black Friday E-commerce Blacklist report. The report analyzes the results of keyword queries of our Global blacklist and mobile app database, RiskIQ’s extensive repositories of cyber threat data compiled over ten years of crawling and passively sensing the web. Specifically, we looked at the ten most trafficked* e-commerce brands over Thanksgiving weekend.

As complementary findings to this data, the report includes a survey of 1,000 U.S. online shoppers about their habits and attitudes related to safe online shopping. The results showed troubling trends that play into the schemes cyber threat actors will use over Black Friday and Cyber Monday.

For shoppers looking to score great deals while filling out their holiday shopping list, one misinformed action can result in a malware infection, stolen personal data, or a hijacked credit card number. For brands, what begins as an event that significantly boosts sales can turn into a security fiasco that erodes the trust of customers and prospects.

The report’s cyber threat findings include:

  • RiskIQ observed a 20% increase in total blacklisted apps.
  • Of all apps that can be found by searching for terms related to holiday shopping, 951, or 2%, are blacklisted as malicious.
  • The top-10 most trafficked sites on Thanksgiving weekend have a combined total of 6,353 blacklisted apps that contain their branded terms in the title or description.
  • The top-five ‘Elite’ Retailers in the UK have a combined total of 24 blacklisted apps that contain their branded terms in the title or description.
  • RiskIQ detected 65 incidents of domain infringement across the top-10 most trafficked sites on Black Friday weekend.

Consumer findings include:

  • Nearly 24% of consumer survey respondents have downloaded an app outside of the Google Play and Apple App stores.
  • Nearly 38% of consumers said they do not read or are unsure if they read the permissions before downloading an app.
  • 72% of respondents say they would download a shopping-related app if it offered a steep discount. Yet, more than 58% of consumers say they do not check who the developer is before downloading an app.
  • 77% of respondents said they would purchase from a retailer they’ve never shopped with before if it offered a steep discount.

*based on 2017 site traffic over Thanksgiving Weekend

For these insights and much more, download the 2019 RiskIQ Black Friday E-commerce Blacklist Report here.

Team RiskIQ
