Press Releases

1 in 25 Black Friday Apps Fake, Finds RiskIQ, Threatening $10.8B in Projected Black Friday Online Sales

San Francisco – Nov. 16, 2017RiskIQ, a leader in digital threat management, today released its 2017 Black Friday E-commerce Blacklist. This cyber research report leverages RiskIQ’s extensive internet reconnaissance and analytics to identify digital threats against the top five e-commerce brands during the Black Friday shopping season. To fool consumers into giving up their login credentials and credit card information, threat actors use the keywords, brand names, and branding of popular e-tailers alongside “Black Friday” in fake apps and landing pages promoting deals and coupons.

Last year, consumers spent $9.36 billion online over the four-day Black Friday weekend, of which $1.2 billion was driven by mobile shopping. If online retail sales grow at 2016’s year-over-year rate of 16.4%, some $10.8 billion in 2017 holiday shopping revenues could be at risk of diversion and theft. Similarly, $1.6 billion in mobile retail sales could be compromised by year-end if 2016’s 33% year-over-year growth rate continues.

Not only should buyers be aware, but online retailers should heed the wake up call to better protect their reputation and extend protection to their consumers. With online fraud, data leakage, and ransomware on the rise, online retailers have ample reason to redouble their focus on how their brands are being used fraudulently by external threat actors across the internet and global mobile app ecosystem to target their customers. This blacklist report offers insights and strategies to protect retailers and shoppers alike.

RiskIQ Black Friday Research findings include:

  • More than 32,000 malicious mobile apps are leveraging the branding of the top-five online retailers. These apps seek to trick shoppers into entering credit card information, giving up Facebook and Gmail credentials, or downloading malware that steals personal information or locks devices until ransoms are paid.
  • Malicious apps represent 4% of the 4,356 (1 in 25) total Black Friday-themed apps available in app stores today.
  • Each of the top five brands have at least 15 malicious apps available that use their brand name and branding alongside the term “Black Friday.”
  • The top-five retail brands leading in e-commerce have had a combined total of more than 1,451 blacklisted URLs that contain their branded terms as well as “Black Friday” and are linked to spam, malware, or phishing.

With both Black Friday and Cyber Monday slated to surge in popularity, RiskIQ expects threat actors to redouble attack strategies, using convincing fake landing pages and mobile apps to lure unsuspecting shoppers into giving up their data. Therefore, the days leading up to Black Friday and Cyber Monday may well see an increase in fraudulent apps and URLs from findings published today.

The source of RiskIQ’s blacklists comes from the company’s comprehensive collection of internet data, employing its exclusive virtual user crawling technology. The company actively scans, crawls, and passively senses the internet—including web pages, mobile apps and stores, and the most popular social networks. This capability covers more than 2 billion daily HTTP requests, 783 locations across more than 100 countries, 20 million mobile apps, and 300 million domain records.

RiskIQ analytics applies correlation models to identify spam, malware, phishing, rogue mobile, and other external threats targeting organizations globally across different industries including retail. The company’s digital threat management product line enables organizations to efficiently identify, understand, and mitigate these and other external threats.

View the full 2017 Black Friday E-commerce Blacklist here:

About RiskIQ

RiskIQ is the leader in digital threat management, providing the most comprehensive discovery, intelligence, and mitigation of threats associated with an organization’s digital presence. With more than 75 percent of attacks originating outside the firewall, RiskIQ allows enterprises to gain unified insight and control over web, social, and mobile exposures. Trusted by thousands of security analysts, RiskIQ’s platform combines advanced internet data reconnaissance and analytics to expedite investigations, understand digital attack surfaces, assess risk, and take action to protect business, brand, and customers. Based in San Francisco, the company is backed by Summit Partners, Battery Ventures, Georgian Partners, and MassMutual Ventures.

Visit or follow us on Twitter.


© 2017 RiskIQ, Inc. All rights reserved. RiskIQ is a registered trademark of RiskIQ, Inc. in the United States and other countries. All other trademarks contained herein are property of their respective owners.

Alyssa Pallotti
Montner Tech PR