transfer
transfer

Black Friday, and its Phishing and Malware campaigns

The dark side of Black Friday

share post

Black Friday marks the beginning of the Christmas shopping season and mass consumption, but... What if these attractive prices end up being a headache for consumers?

Cybercriminals also have their Black Friday campaigns ready to take advantage of all those victims who fall for one of their traps. In these campaigns, where consumers have always been guided by price as the main and only attraction of the offer, another variable comes into play: reliability.

The INCIBE – National Institute of Cybersecurity has made a statement where it has underlined the importance of analyzing the emails that users receive offering promotions to make sure that it is the official brand that is sending them before clicking on a link, and has pointed out that it should also be verified that the This page has a security and privacy section that details what data is collected and how it is used.

Many cybercriminals carry out massive Phishing or smishing campaigns by sending discounted links by email or SMS. Since S21sec, warn users of the most common phishing or smishing processes:

  • Deceive victims by directing them to unofficial websites that impersonate brands
  • Use social engineering techniques and attractive offer hooks
  • Steal personal and financial information; such as credentials, bank card numbers or the CVV, among others. 

Also, they have a series of recommendations for users during these days of great promotions:

  • Be suspicious of emails with great offers
  • Ignore emails from unknown and/or unverified senders
  • Prevents downloading of unreliable attachments or software
  • Verify that the URL is always legitimate
  • Do not provide personal credentials unless you are sure
  • Do not fill in forms with any personal information on unreliable websites
  • Keep both the operating system and applications updated
  • Keep your antivirus updated, new threats appear every day.

It is always necessary to verify the veracity of the source that is communicating to us, even more so, if there are suspicious attachments or links that redirect to unreliable websites. 

More articles