Black Friday marks the start of the holiday shopping season and a surge in consumer spending, but… what if these attractive prices end up being a headache for consumers?
Cybercriminals also have their Black Friday campaigns ready to take advantage of any victims who fall into their traps. In these campaigns, where consumers have always been guided by price as the main and only attraction of the offer, another variable comes into play: reliability.
INCIBE—the National Cybersecurity Institute—has issued a statement emphasizing the importance of scrutinizing emails users receive offering promotions to ensure they are sent by the official brand before clicking on a link, and has noted that users should also verify that the website has a security and privacy section detailing what data is collected and how it is used.
Many cybercriminals carry out massive phishing or smishing campaigns by sending links with discounts via email or SMS. S21sec warns users about the most common phishing and smishing tactics:
- Tricking victims by directing them to unofficial websites that impersonate brands
- Using social engineering techniques and enticing offers
- Stealing personal and financial information, such as login credentials, credit card numbers, or CVV codes, among other things.
They also have a series of recommendations for users during this season of major sales:
- Be wary of emails with great deals
- Ignore emails from unknown and/or unverified senders
- Avoid downloading unreliable attachments or software
- Always verify that the URL is legitimate
- Do not provide personal credentials unless you are certain
- Do not fill out forms with any personal information on unreliable websites
- Keep both your operating system and applications up to date
- Keep your antivirus software up to date; new threats emerge every day.
Always verify the authenticity of the source sending the message, especially if there are suspicious attachments or links that redirect to untrustworthy websites.
