Press Releases

RiskIQ Releases 2019 Black Friday E-commerce Blacklist Threat Report

Critical Threat and Consumer Intel for This Year’s Black Friday and Cyber Monday

SAN FRANCISCO – November 21, 2019RiskIQ, the global leader in attack surface management, today released its annual 2019 Black Friday Blacklist threat report. The report shows that attackers will leverage popular brands and unsafe consumer shopping habits to victimize online shoppers during the Thanksgiving weekend shopping frenzy of Black Friday and Cyber Monday.

This year's report analyzes the results of keyword queries of the company's Global blacklist and mobile app database—repositories of threat data compiled over ten years of crawling the web—for the ten most trafficked e-commerce brands over Thanksgiving weekend. As complementary findings to this data, the report includes a survey of 1,000 U.S. online shoppers about their habits and attitudes related to safe online shopping.

The report exposes the e-commerce threat landscape during the busiest shopping weekend of the year, including how threat actors are targeting the top-ten sites with malicious mobile apps and web pages meant to fool customers into downloading malware or handing over sensitive data.

The report’s threat findings include:

  • RiskIQ observed a 20% increase in total blacklisted apps.
  • Of all apps that can be found by searching for terms related to holiday shopping, 951, or 2%, are blacklisted as malicious.
  • The top-10 most trafficked sites on Thanksgiving weekend have a combined total of 6,353 blacklisted apps that contain their branded terms in the title or description.
  • All apps for the top-five ‘Elite’ Retailers in the UK have a combined total of 24 blacklisted apps that contain their branded terms in the title or description.
  • RiskIQ detected 65 incidents of domain infringement across the top-10 most trafficked sites on Black Friday weekend.

Consumer findings include:

  • Nearly 24% of consumer survey respondents have downloaded an app outside of the Google Play and Apple App stores.
  • Nearly 38% of consumers said they do not read or are unsure if they read the permissions before downloading an app.
  • 72% of respondents say they would download a shopping-related app if it offered a steep discount. Yet, more than 58% of consumers say they do not check who the developer is before downloading an app.
  • 77% of respondents said they would purchase with a retailer they've never shopped with before if they offered a steep discount.
  • Only 53% of respondents feel third-party payment systems like Venmo and Amazon Pay are the safest way to pay online.
  • Nearly 33% of respondents say they are only somewhat vigilant or not vigilant when entering payment information online.

For shoppers looking to score great deals while filling out their holiday shopping list, one misinformed action can result in a malware infection, stolen personal data, or a hijacked credit card number. For brands, what begins as an event that significantly boosts sales can turn into a security fiasco that erodes the trust of customers and prospects.

“This year's bad holiday actors will capitalize by using the brand names of leading e-tailers, as well as the poor security habits of consumers,” said RiskIQ Threat Researcher Jordan Herman. “They'll fool shoppers looking for Black Friday deals, sales, and coupons by creating fake mobile apps and landing pages.”

By downloading the report, brands can anticipate how they'll be targeted this Black Friday and Cyber Monday. Meanwhile, consumers can be aware of the risky actions threat actors count on them making, and how to avoid becoming a victim.

The full report can be downloaded here:

*based on 2017 site traffic over Thanksgiving Weekend

About RiskIQ
RiskIQ is the leader in digital attack surface management, providing the most comprehensive discovery, intelligence and mitigation of threats associated with an organization’s digital presence. With more than 75 percent of attacks originating outside the firewall, RiskIQ allows enterprises to gain unified insight and control over web, social and mobile exposures. Trusted by thousands of security analysts, security teams and CISO’s, RiskIQ’s platform combines advanced internet data reconnaissance and analytics to expedite investigations, understand digital attack surfaces, assess risk and take action to protect the business, brand and customers. Based in San Francisco, the company is backed by Summit Partners, Battery Ventures, Georgian Partners and MassMutual Ventures.

Visit or follow us on Twitter. Try RiskIQ Community Edition for free by visiting

© 2019 RiskIQ, Inc. All rights reserved. RiskIQ is a registered trademark of RiskIQ, Inc. in the United States and other countries. All other trademarks contained herein are the property of their respective owners.


Holly Hitchcock
Front Lines Media