The period of Black Friday sales and online shopping events such as Cyber Monday is a perfect playground for cybercriminals. The sharp increase in the volume of online commerce and the number of buyers allows attackers to take advantage of the behavior of consumers looking for attractive deals and target attacks in particularly sophisticated ways, including tools based on artificial intelligence.
according to Yossi Tal,CEO of the cyber company CYFOX, which specializes in providing information security solutions to managed security service providers (MSSP’s) that include information security solutions based on artificial intelligence, the types of attacks are divided into two main categories.
Attacks on websites
A central goal of these attacks is to penetrate the security systems of websites and steal sensitive information, such as usernames, passwords, and credit card numbers. Attackers exploit weaknesses in website security to gain access to important data.
Social engineering based attacks
This category includes sophisticated methods aimed at persuading users to reveal sensitive information or perform actions that help attackers. One common method is to create fake websites that look completely legitimate and impersonate well-known retailers. These sites are used as traps for financial fraud and theft of personal data. In addition, there are other tactics used by the attackers.
Phishing
Email messages impersonating official emails from well-known websites, combining logos and convincing content, in an attempt to lead users to fake websites through tempting offers or fictitious discounts.
Ad-based attacks on legitimate websites
A common attack technique is the iFrame where malicious content is inserted into advertisements on a legitimate website. When the user clicks on the advertisement, he is exposed to content that looks legitimate, but at the same time a malicious code is inserted into his device.
In addition, there are publications on social networks that pretend to be alerts about promotions, but lead to malicious links and may harm users’ security by stealing passwords or important personal data.
To protect yourself during the online shopping period, and allow yourself to buy with peace of mind, suggests Nir Yehoshuaresearch manager at the cyber company CYFOX to observe some rules.
Verify reliability
It is important to check the reliability of websites before making a purchase and to check that the websites are secured with the HTTPS protocol and that they belong to well-known retailers.
Beware of suspicious messages
Avoid clicking on links from unknown sources or offers that look “too good”. In case of doubt, go directly to the retailer’s official website.
Two-factor authentication (2FA)
Enabling this additional layer of security can prevent unauthorized access to your accounts.
Use of limited payment methods
Disposable credit cards or cards with a low limit can reduce the damage in the event of a hack. These measures can add an additional layer of protection.
Update third-party apps and operating system
This is to prevent the infiltration of malware that exploits systems that are not updated with the latest updates
Use of mobile applications
It is more difficult to use them to trick phishing users.
increasing awareness
Be aware of possible threats and failures. You don’t have to go into depth, it’s enough to be aware that these threats exist to increase vigilance.