RiskIQ’s 2019 Black Friday E-commerce Blacklist Report

Last year, consumers stuffed e-commerce cash registers with a record $6.2 billion in online sales over Thanksgiving weekend—a 23% percent increase over 2017. With that number expected to set another record this year, cyber threat actors are looking to impersonate the most trafficked e-commerce sites, taking advantage of unsafe online consumer habits to get their piece of the pie.

To analyze the methods these cybercriminals will employ this Black Friday and Cyber Monday, and where they’re targeting their malicious efforts, RiskIQ ran a keyword query of our Global Blacklist and mobile app database focusing on the ten most trafficked sites during Black Friday* and five of the leading e-tailers in the UK. We also conducted a survey of 1,000 consumers about their attitudes and habits regarding safe online shopping.

The results show that Black Friday can be a feast for cyber threat actors.

Report findings include:

• Percent increase in total blacklisted apps observed by RiskIQ.
• Total number of malicious apps that can be found by searching for terms related to Black Friday, Cyber Monday, Christmas, and Boxing Day.
• Total number of malicious URLs related to Black Friday, Cyber Monday, Christmas, and Boxing Day.
• Total number of blacklisted apps for the top-five ‘Elite’ Retailers in the UK.
• Amount of incidents of domain infringement across the top-10 most trafficked sites on Black Friday weekend.

Consumer findings include:

• Percentage of consumers that have downloaded an app outside of the Google Play and Apple App stores.
• Percentage of consumers that read the permissions and the developer before downloading an app.
• Percentage of consumers that would download a shopping-related app, even if it was potentially unsafe.
• Percentage of consumers that would purchase with a retailer they’ve never shopped with before if they offered a steep discount.

*based on 2017 site traffic over Thanksgiving Weekend