Your organization’s leadership is 12 times more likely to be the target of a security incident and nine times more likely to be the target of a data breach than they were last year. Find out how they can be protected.
Read the Datasheet
Gift Cardsharks: The Massive Threat Campaigns Circling Beneath the Surface
Learn about the attack group primarily targeting gift card retailers and the monetization techniques they use.
Get the Report
Threat Hunting Workshop Series
Join one of our security threat hunting workshops to get hands-on experience investigating and remediating threats.
Attend an Upcoming Workshop
Inside Magecart: New RiskIQ & Flashpoint Research Report
Learn about the groups and criminal underworld behind the front-page breaches.
Threat Hunting Guide: 3 Must-Haves for the Effective Modern Threat Hunter
The threat hunting landscape is constantly evolving. Learn the techniques, tactics, and tools needed to become a highly-effective threat hunter.
January 30, 2020
RiskIQ’s post-mortem of e-commerce threats and the vulnerabilities
SAN FRANCISCO – January 30, 2020 – RiskIQ, the global leader in attack surface management, today released its annual Holiday Shopping Season Threat Review highlighting how bad actors leveraged the season to fill their pockets.
The 2019 holiday shopping season — November 29 through December 31 — raked in a record $1 trillion, an increase of nearly $300 billion from 2018. Online sales increased 13% overall, while Black Friday and Cyber Monday saw 17% and 19% increases respectively. And for every dollar that consumers spend shopping online, bad actors are looking to capitalize.
Hackers capitalize by using the brand names of leading e-tailers, as well as the poor online security hygiene of consumers. They fool shoppers eagerly searching for deals, sales, and coupons by creating fake mobile apps and landing pages. These tactics trick users into unknowingly downloading malware, using compromised sites, or giving up their login credentials and credit card information.
For businesses, what begins as an event that significantly boosts sales can turn into a major security fiasco that erodes the trust of customers and prospects.
Using RiskIQ Illuminate™ — a platform housing petabytes of internet intelligence collected over the past decade — internal analysts were able to efficiently surface malicious findings across several data sets including mobile applications, domain registrations and hosting infrastructure.
RiskIQ’s Key Findings:
To understand the methods threat actors employed and where they focused their efforts, RiskIQ analyzed the RiskIQ Global Blacklist and RiskIQ mobile app database* before and after the holiday season. Our researchers looked for instances of the 10-most trafficked e-commerce sites over the holiday season—brands people are incredibly likely to shop with during that time of year.
For our research into websites and landing pages, the RiskIQ Research team focused on domain infringement and phishing attacks for each of the e-tailers. They also explored instances of their branded terms appearing alongside “Black Friday,” “Cyber Monday,” “Christmas,” or “Boxing Day” in blacklisted URLs. We also looked at “cause-page URLs,” URLs that send potential customers to pages hosting something malicious.
For specific methodology, metrics or to learn more, download the RiskIQ 2019 Holiday Season Threat Review: https://www.riskiq.com/infographic/holiday-shopping-threat-review-2019/
*The source of RiskIQ’s Blacklists is our expansive collection of internet data gathered by our exclusive virtual users by scanning, crawling, and passively sensing the internet—including web pages, mobile apps and stores, and the most popular social networks. RiskIQ’s crawling technology covers more than 2 billion daily HTTP requests, hundreds of locations across the world, 40 million mobile apps, and 600 million domain records.
RiskIQ is the leader in digital threat management, providing the most comprehensive discovery, intelligence, and mitigation of threats associated with an organization’s digital presence. With more than 75%of attacks originating outside the firewall, RiskIQ allows enterprises to gain unified insight and control over web, social and mobile exposures. Trusted by thousands of security analysts, security teams and CISO’s, RiskIQ’s platform combines advanced internet data reconnaissance and analytics to expedite investigations, understand digital attack surfaces, assess risk and take action to protect the business, brand, and customers. Based in San Francisco, the company is backed by Summit Partners, Battery Ventures, Georgian Partners and MassMutual Ventures.
Try RiskIQ Community Edition for free by visiting https://www.riskiq.com/community/. To learn more about RiskIQ, visit www.riskiq.com.
© 2020 RiskIQ, Inc. All rights reserved. RiskIQ is a registered trademark of RiskIQ, Inc. in the United States and other countries. All other trademarks contained herein are the property of their respective owners.
Front Lines Media