Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Online Shopping. Show all posts

The Dark Web’s Role in Phishing and 2FA Security Breaches

 


Black Friday and Cyber Monday may have passed, but the dangers of online scams and cyberattacks persist year-round. Cybercriminals continue to exploit digital shoppers, leveraging sophisticated tools such as phishing kits, fake websites, and cookie grabbers that bypass two-factor authentication (2FA). These tools, widely available on dark web marketplaces, turn online shopping into a risky endeavour, particularly during the peak holiday season.

Cybercriminal Tools: A Growing Threat

Dark web marketplaces operate like legitimate businesses, offering everything from free phishing kits to subscription-based malware services. According to NordStellar threat intelligence:

  • Phishing kits: Often free or low-cost, enable hackers to replicate authentic websites.
  • Fake website templates: Start at $50, tricking users into sharing personal information.
  • Malware subscriptions: Priced at $150 per month, provide hackers with advanced tools.
  • Cookie grabber pages: Sell for $400 or more, enabling access to user accounts by bypassing login credentials and 2FA.

These illicit tools are increasingly accessible, with some even offered at discounted rates during the holiday season. The result is an alarming rise in phishing scams targeting fake shopping sites, with 84% of victims interacting with these scams and nearly half losing money.

The Role of Stolen Cookies in Cybercrime

Session cookies, particularly authentication cookies, are a prized asset for hackers. NordStellar reports over 54 billion stolen cookies available on the dark web, including:

  • 154 million authentication cookies, 23.5 million of which remain active.
  • 37 million login cookies, with 6.6 million still usable.
  • 30 million session cookies capable of bypassing 2FA.

These cookies allow attackers to impersonate legitimate users, gaining unauthorized access to accounts without requiring passwords or verification codes. This capability makes cookie-grabber pages one of the most valuable tools in the hacker’s arsenal.

Protecting Yourself from Cyber Threats

Google has introduced measures like passkeys to combat these threats, offering a more secure alternative to traditional 2FA methods. A Google spokesperson emphasized that passkeys reduce phishing risks and strengthen security against social engineering attacks. Consumers can take additional steps to safeguard their online accounts:

  • Scrutinize links and websites to avoid phishing scams.
  • Switch to advanced authentication methods such as passkeys where available.
  • Stay informed about emerging cyber threats and adopt proactive security practices.

By remaining vigilant and embracing stronger authentication technologies, shoppers can minimize the risks posed by cybercriminals and their evolving arsenal of dark web tools.

The Rise of Temu: A Game-Changer in Online Shopping

 


It has been reported that this year's Super Bowl was watched by 123 million Americans, setting a record. Aside from the nation's biggest sporting event, the blockbuster halftime performance, several camera cutaways, and several shots of Taylor Swift in the audience, they also got six 30-second advertisements for Temu - a Chinese-owned e-commerce company that is also owned by them. 

Politicians in both the UK and the United States have been criticising the giant for being inherently high risk of products being made using forced labour. In its statement to the press, Temu says that all of its merchants are strictly prohibited from employing forced, penal, or child labour. 

As of 2022, the company, which sells everything from clothes to electronics to furniture, first landed in the United States. The company has since then moved to the UK and other countries across the globe. According to data gathered by analyst SimilarWeb, just under 152 million Americans are using the app every month, which has consistently topped worldwide app download charts. 

Described as "Amazon on steroids," by retail analyst Neil Saunders, the company has gained massive popularity over the past few years, shipping to more than 50 countries in the world, with the tagline "Shop like a billionaire." The average cost of a 30-second Super Bowl commercial is about $7 million (£5.5 million), and Temu had six of them this year at the event. 

As a result of the Super Bowl, it appears that the total number of individual visitors to the platform was nearly a quarter higher than the previous Sunday, with 8.2 million users accessing the website and app on the day of the event. According to Ines Durand, an e-commerce expert at SimilarWeb, the number of visitors to Amazon and eBay dropped by 5% and 2% respectively during the same period. These influencers typically have fewer than 10,000 followers, as per her research. 

A Chinese giant known as PDD Holdings is the owner of Temu, according to Shaun Rein, founder of the China Market Research Group, one of the biggest e-commerce companies in the world. Even though the company has traded places with rival Alibaba for the top spot as the most valuable Chinese company listed on a US stock exchange, its current value is just under $150 billion (£117 billion). 

PDD Holdings has expanded overseas to Temu after having successfully conquered the Chinese consumer market several years ago with its current model. Mr Rein, a Shanghai-based entrepreneur, feels that the firm has become a source of great pride and patriotism for its employees. There is a wide range of products available on Temu's website, app, or app-based platform, from steel-toed trainers to a device that helps elderly and pregnant women put on socks to name a few. 

Mr Rein explains that this is a collection of manufactured products that are almost entirely manufactured in factories in China. Ms Durand believes that while Amazon sells this information to manufacturers at a high price, Temu provides it for free to producers who are looking to test the market with a relatively small number of products. 

According to a US Congress report published in July last year, a third of parcels imported into the US were shipped through the de minimis threshold, which is a shipping loophole known as the de minimis threshold. The United Kingdom and the United States, for instance, have a de minimis threshold in place to allow citizens to import goods without incurring additional fees for imports.

Since Temu's products are shipped directly from the factory floor without any middlemen involved, they become essentially duty-free. According to Mickey Diaz, chief operating officer at global freight company Unique Logistics, more regulation may be on the horizon to close shipping loopholes. According to her, the UK has already begun to take a closer look at Temu, especially regarding the sale of weapons that are normally prohibited from entering the UK, but which were being imported owing to these loopholes, she says.

The e-commerce giant Temu has also been criticized for the supply chains it manages, as both British and US politicians accuse the company of selling products made with forced labour. Alicia Kearns MP, who leads the foreign affairs select committee, announced last year that she wanted stronger laws to protect consumers from unintentionally contributing to the genocide of the Uyghur minority by using the online marketplace. 

The company says it is "strictly prohibited" by its merchants that they are going to use forced work, penal labour, or child labour in their shops. Any person doing business with the company must comply with all regulatory standards and compliance requirements before doing business with it, the company told the BBC.

E-Commerce Scam: Read These 5 Tips to Stay Safe from Fake Sites

scam

The e-commerce industry has witnessed tremendous growth in the last decade, and it's likely to rise. Tech behemoths like Apple lead the market, but most businesses these days sell goods and services online, including local stores.

Not only has it changed the way of doing business, but e-commerce has also caused a rapid change in shopping consumer habits. Today, buying what you need is just a click away, you can shop from the comfort of your home, that's the trend now. It is evident that online shopping provides a level of ease that traditional retail can't match, however, e-commerce is without a doubt more risky. 

The e-commerce industry is a hotspot of cyber threats, from phishing attacks to false advertising and credit card skimming scams. As a conscious user, we must know how to protect ourselves. These five helpful tips can help you decide if you're on a fake site before you "add to cart" your favorite product. 

Verify the URL

The URL (Uniform Resource Locator) is the address of a webpage. Hackers make fake sites that look almost the same as the original, they use a domain name that's nearly identical to the site domain they are faking. 

The first thing you should look for is if there are any errors or extra characters in the URL.

For instance, an attacker might make a fake site at flippkartt.com, to scam people into thinking they are using the original Flipkart site. But the real URL will look like "https://flipkart.com/." The URL of the fake site would be "http://flippkartt.com/." You might observe there is a difference in the protocol. The original site uses HTTPS (Hypertext Transfer Protocol Secure), while the fake uses HTTP (Hypertext Transfer Protocol). 

The HTTPS prefix means your data is encrypted in transit, but takes more time and cost to set up, so the scammers don't try. 

In a nutshell, most phishing scams work like this. It all comes down to cloning a real business and stealing sensitive info from users. It is always important to check the URL before you proceed. 

The content and design

A real business website would not have grammatical and spelling mistakes. Few scammers might hustle to proofread the content of their fake site, but not all do that. If you visit a site and notice it has mistakes and typos, chances are it's a scam. 

Similarly, a real business won't publish low-quality images or poor designs. Scammers will do that because they don't have an image to maintain. 

The scammer would scrape photos from the web using software, or just put random images that aren't related to the product. This is your sign to stay away from the fake website. 

Don't fall for too-good-to-be-true offers

The iPhone 15 is currently costing around 72000 INR. Suppose you see the product online selling for 30000 INR, it is most likely a scam. 

It is an easy bait as buyers like to crack deals, and in a rush, fall prey to the scam. Scammers know that huge discounts work as a glue trap for economically struggling buyers. So next time, make sure you see the right price before rushing to "add to cart" on an online shopping website. 

Read the About Us page

A legit e-commerce site will always have an elaborate "About Us" page, the buyer can clearly understand the business's goals, mission, etc. with the help of given info. Sometimes, "About Us" also includes info regarding careers, team members, and ownership. Lastly, there's a detailed privacy policy and a contact form for interested customers and media professionals. 

With time, the scams have upped their games as scammers now use AI to scale their attacks, however only a few bother to make a legit "About Us" page. If you notice that an online shopping site doesn't have these elements, and it's lacking transparency, you should avoid it. Don't spend your money without checking these pages. 

Read the reviews

You should always go through an online store's reviews before buying a product. A legit business will always have a review somewhere. You can start with Google reviews, just type the business name and go to the reviews section. Bingo, you can now check what others say about the store. 

If you can't find even a single review, the store might not be fake, but it's best to avoid it. You can also check what others are saying on social media. Twitter and Reddit are some common sites where users share their experiences. It barely takes a minute, but can save you from a scam. 

Scammers Target Christmas with Labour's Online Safety Bill

 


During the 12 days of Christmas, Labour has predicted that nearly £80m will be lost to online fraud and spam over the holiday season. Ministers were criticised for the delays in the passage of the bill concerning online safety.  

According to police force data that was analyzed by the party, the number of incidents of cybercrime was 312 per day in 2019/20 and 2020/21 on average. This constitutes a loss of £6.36 million per day or a loss of £76 million over the festive period as a result of fraud. There has been criticism of Labour regarding the delay in the parliamentary process of the online safety bill. It has been alleged that the delay is letting criminals and fraudsters off the hook. 

Several delays and amendments have been made to the bill over the past few years. It was anticipated that it would finish its Commons stages by the end of July. At the last minute, however, the government decided to hold a confidence vote for Boris Johnson. Despite a row among conservative MPs over whether or not it would unfairly stifle freedom of speech online, the bill has since been stalled as ministers rewrite key sections of it. 

As a result of this legislation, children will be better protected from hazardous online content and there will be a decrease in the amount of hate speech and self-harm content available online. 

The government is extending the current parliamentary session, which was supposed to end in May, so it can be used as an opportunity to pass major pieces of legislation. The bill on online safety is included in this category. 

Earlier this year, the Shadow Digital minister, Alex Davies-Jones MP, said that the government was giving fraudsters and criminals a free pass. However, the victim protection against fraudulent activity was broken. 

There has been a growing concern that the country's government is not taking fraud seriously - however, being the biggest crime in the UK. During this Christmas holiday season, families are at risk of falling victim to online fraud and cybercrime as they struggle to make ends meet. 

In addition, she stated that the online safety bill has been a significant success thanks to Labour, as it strengthens online fraud protections. But as a result of ministers' willingness to bow down to vested interests rather than stand up for consumers, the entire bill is now at risk. 

Speaking for the Department for Digital, Culture, Media, and Sport, a spokesperson said that the government remains committed to fighting fraud and economic crime. This is regardless of what it takes. 

As part of the DCMS's plans, £400m will be invested over the next three years to help police agencies respond to crimes more effectively. A report published by the company claims that over 2.7 million scams have been removed from the internet in the past year.  

To ensure that the UK is the safest place to be online in the world, the government is committed to passing a world-leading online safety bill. In addition, big tech firms will be required to tackle fraud, including romance scams and fraudulent advertisements. 

Warning for Shoppers: Be Aware of Ransomware

 


With time, cyber attackers are getting updated and using more advanced technologies to steal data and blackmail the victims to get the ransom. One such case happened last year with Austin business Tiny Pies’ Instagram.

The co-founder of Tiny Pies in Austin, Amanda Wadsworth, commented on this incident and explained that they received a mail from an unknown source, and though it looked unauthorized, they clicked on it. After opening the mail, the cyber attackers hacked their system and locked their data. They coerced them to give ransom or else they will delete the account. 

Many cases showed that attackers threaten the victims for a ransom, or else they will leak confidential information on the dark web, where a large amount of such important information is already uploaded, as a consequence of cyber-attacks. 

Bobby Stempfley, the vice president and business unit security officer for Dell Technologies, commented on the rise in cyber-attacks. Dell also has to face many cyber-attacks on Dell. 

She stated that the organizations hold an “astronomical amount of data.” The organizations are managing data that is ten times more than the data that was there five years ago. 

She mentioned, “It is an environment where, when you put in better protections, the threat actors work to find better ways to go, work around those protections.” 

Considering the passion of cyber attackers to continuously find new ways to invade into target’s system and steal data, Stempfley started training employees of Dell to educate them about this ransomware and make them able to identify phishing and other attacks by ransomware. 

Alert for holiday shoppers 

The security company Tanium said that the cases of cyber-attacks are maximum during the holiday shopping season. Tanium added that hackers target when there is higher traffic on websites, such as on holidays, when people surf online more to find good deals. 

Melissa Bischoping, the endpoint security research director at Tanium, said that "security is not just the responsibility of the company storing your data, but it is also an equal responsibility of the shoppers to be alert and aware of such attacks." 

She explained, Shoppers should be cautious when they receive an email and first confirm whether it is legitimate or not. Prefer the trusted official app or the website instead of clicking on the links in emails with “a holiday sale” text. 

She talked about other holiday scams that are carried out using botnets. Cyber attackers collect items that are popularly in demand and add them to sell. Melissa said that the updated technology is working as a helping tool for cyber attackers to target the victims. 

To use the technology as a productive tool for your purpose instead of making it a weapon for hackers, you should follow some tips while shopping for sales online, such as: 

1. In case you receive an email for a shopping sale, do not click on it directly. Search for its authentication on websites or apps. 

2. Do not leave your credit card unchecked. Keep checking your credit card to know if there are any fraudulent charges. 

3. Create different passwords for different websites and apps where you shop from.

Hong Kong: 43 Suspects Arrested For Defrauding HK$12 Million From Victims Via Online Shopping Scams and Love Frauds

 

As a part of the attempts to combat cybercrimes and frauds, Hong Kong has reportedly detained 43 people, with suspicion of being involved in a series of citywide raids during a week-long operation.
 
According to the police force, the arrested suspects between the age of 17 and 75 include waiters, technicians, workers, and unemployed people. During the operation, code-named Skyrocket, police officers seized the suspect’s mobile phones and bank cards.
 
The accused, involving 28 men and 15 women arrested between October 20 to 26, were allegedly deceiving victims of HK$12 million (1.5 million USD) in a total of 37 cases including internet love scams and shopping frauds, the police force reported on Friday.
 
The victims compromised between several hundred Hong Kong to about HK$900,000, says Senior Inspector Thomas Anthony Lo of the Wan Chai district crime squad.
 
The suspects were arrested for acquiring property by deceiving victims, particularly via money laundering. They included bank account holders, who were used to collect and launder crime proceeds.
 
As announced by the force, all the detained suspects were later released on bail, with none of them being charged. Although they are required to report back to the police next month.
 
Money laundering, in Hong Kong, is a punishable offense, involving a maximum sentence of 14 years and a fine of HK$5 million, while obtaining property via fraud carried a maximum sentence of up to 10 years behind the bars.
 
In a similar case, detectives from the Yau Tsim district crime squad detained two men, suspected of being involved in an online shopping scam. Reportedly, the suspects impersonated online buyers, befooling at least 10 victims into selling them valuables worth more than HK$1.5 million, but used cheques that bounced to pay for the goods.
 
The police were introduced to the case after one of the victims, a 41-year-old man reported to them on October 10, it was after he was tricked into falling for the scam and losing a HK$7,000 bracelet.
 
The two suspects aged 34 and 40 were later arrested from their flats in Hong Konk, on Wednesday. Additionally, the police recovered a HK$70,000 handbag from one of the flats, that belonged to one of the victims. While the investigation is still ongoing, more arrests are possible, the police force states.

Payment Card Skimming Resurfaces with an Internet Twist

 

Card skimming has existed prior to the mainstream internet and is experiencing a revival as financial fraudsters recognise new potential to combine physical world data theft with online intrusion to steal even more money and information than ever. Only a week ago, it was announced that over 500 online retail sites were victims of a large "card skimming" incident, in which threat actors placed a device that allowed them to duplicate and steal the data from valid debit and credit cards as they were used for purchases. 

Card skimming fraudsters used to implant a physical device into ATMs or payment terminals to steal information from genuine consumers' payment cards. Nowadays, since online shopping is more popular than ever, cyber thieves are utilising malware placed into the checkout pages of online commerce sites to acquire credit card information, which they can then resell or use in their own nefarious schemes. 

Sansec, a malware and vulnerability detection firm that works with over 7,000 online retailers, was among the first to notice this fraudulent card skimming activity earlier this month. The vendor proposes "cleaning" the affected retail sites in order to remove the harmful code, but experts fear that these cyber-skimmers may just shift their strategy and look for "backdoors" through which they can implement their viruses. 

Many of these new card-skimming attacks, as well as other card information theft tactics where the card is not physically present at the moment of transaction, have been linked to the Magecart cybercriminal gang. Furthermore, if mobile phones begin to have card readers, this situation may worsen. 

The cybersecurity firm was able to speak with the administrators of the hijacked websites, according to another report by Ars Technica. They noticed that the hackers used a SQL injection flaw as well as a PHP object injection attack. Both were apparently using Quickview, a Magento 2 extension that allows buyers to quickly view product information without having to load the listings. 

The hackers were able to add an additional validation rule to the customer_eav_attribute table by misusing the Magento plugin. Furthermore, the credit card skimming group injected a payload onto the site. In order for the code to run successfully, the hackers must first "unserialize" the data on Magento. They would then log in as a new guest on the website.

NCSC Urges Customers to Stay Aware About Scams On E-commerce Platforms

 

National Cyber Security Centre (NCSC) made a final request to customers prior to the busiest weekend before Christmas, to be aware of fraud and data theft attacks. The GCHQ agency requested customers to secure their devices, be informed about unsolicited messages, and reduce the size of information they input into online shopping websites and e-commerce websites. As per the banking body of UK Finance, around €22 bn was spent online on Christmas shopping last year because of the Covid-19 pandemic. 

Currently, with the rise of the Omicron variant, 2021 probably experienced a similar pattern, risking more customers vulnerable online. The attacks may come in many forms, it may include phishing emails having fake shipping details, and fake warnings about hacked accounts or fake gift cards which require the user to share personal details in order to use the offers. Customers may also be contacted through social media messages and emails having "unbelievable" offers for popular discount gift items, like electronics. Once the customer falls for these tricks, he loses his money along with banking details and personal information, which is stolen by the hackers. 

As per NCSC, the urge to buy last moment presents during a festival may be a reason that customers fall victim to such attacks easily. In order to be safe, users can follow some practical steps like having a strong password on websites before placing an order. It is advised to use strong, unique passwords with two-factor authentication for every account, especially banking, email and payment services. Online customers are also advised to avoid unsolicited notifications, particularly messages linked to suspicious websites, and platforms that depend on payment with a credit card. 

Lastly, customers should log in as guests while making a purchase to avoid revealing too much personal information. As per NCSC, "if you think your credit or debit card has been used by someone else, let your bank know straight away so they can block anyone using it. Always contact your bank using the official website or phone number. Don't use the links or contact details in the message you have been sent or given over the phone."

Software Flaw in E-Commerce Sites Abused by Hackers

 

The National Cyber Security Centre (NCSC) of the United Kingdom has notified the administrators of over 4,000 online retailers warning that their sites had been penetrated with Magecart attacks to steal consumers' financial information. 

Malicious actors infuse scripts known as credit card skimmers (aka payment card skimmers or web skimmers) into vulnerable online stores in Magecart attacks (also known as web skimming, digital skimming, or e-Skimming) to extract and rob payment or personal information submitted by patrons at the payment page. 

Eventually, the attackers would exploit this data in different financial and identity theft fraud operations, or they will auction it to the highest bidder on hacking or carding sites. 

"The National Cyber Security Centre – a part of GCHQ – proactively identified 4,151 compromised online shops up to the end of September and alerted retailers to these security vulnerabilities," the UK cybersecurity agency said. 

"The majority of the online shops used for skimming identified by the NCSC had been compromised via a known vulnerability in Magento, a popular e-commerce platform." 

Throughout April 2020, NCSC has been monitoring these stores and has sent alerts to site operators and small and medium-sized organizations (SMEs) after finding the infected e-commerce sites through its Active Cyber Defence program. 

During Black Friday and Cyber Monday affected online merchants were reminded to maintain Magento — and any other software they employ — up to date to prevent attackers from breaching their servers and compromising their online shops and customers' data. 

"We want small and medium-sized online retailers to know how to prevent their sites from being exploited by opportunistic cybercriminals over the peak shopping period," said Sarah Lyons, NCSC Deputy Director for Economy and Society. 

"It's important to keep websites as secure as possible and I would urge all business owners to follow our guidance and make sure their software is up to date." She added.

The organization also advises individuals and families who would like to buy online securely, to only purchase from trusted online retailers, utilize credit cards for online payments, and always be on the lookout for suspicious emails and text messages featuring offers that appear too good to be true. 

The US Cybersecurity and Infrastructure Security Agency (CISA) also issued security guidelines for staying safe while buying online. 

"On Black Friday and Cyber Monday the hackers will be out to steal shoppers' cash and damage the reputations of businesses by making their websites into cyber traps," said Steve Barclay, Chancellor of the Duchy of Lancaster. 

"It's critical, with more and more trade moving online, to protect your business and your customers by following the guidance provided by the National Cyber Security Centre and British Retail Consortium."

E-Commerce Attacks Didn't Increase During Coronavirus Quarantine


Due to the COVID-19 pandemic, people across the globe to stay at home. The quarantine has increased online shopping figures. Even though a majority of the people are shopping online for everything, from food to groceries to daily essentials, the web skimming attacks didn't increase and are supposedly expected not to in the near time, due to it, say cybersecurity experts. Web skimming or Magekart attacks or e-skimming is a kind of cyberattack where the attacker inserts malicious codes in the online stores' website. When the users make any payment in the checkout process while entering the data, the hackers steal their credit card credentials.


Web skimming attacks were famous amid the hackers during 2017-18 and had been rising since then. Various cybersecurity experts and agencies, when asked about 'the impact of large scale online shopping on the web skimming incidents,' they all agree that web skimming attacks will not rise just because more people are shopping now, spending most of their time online, while staying at home. It is because, for a very long time, hackers have tried to breach prominent e-commerce websites but have failed to do so, while the web skimming incidents have remained constant through the years.

According to these cybersecurity experts, there's only one condition under which web skimming attacks can increase, and that is only when the number of online stores will increase can the hackers look for new sites to attack. Unless that happens, the rate of web skimming attacks will remain the same. According to the statistical analyses by Sanguine Security, the data shows that web skimming attacks have slightly fallen during the COVID-19 pandemic. However, not every cybersecurity agency agrees with this data.

But according to Jerome Segura, who is a web analyst at Malwarebytes, the web skimming attacks on online stores have not increased, therefore it confirms with Sanguine Security's data. It may be because the number of online stores increased before 2-3 months, but nobody observed these attacks during that time. Another reason might be that buyers prefer shopping from popular e-commerce websites, which are hard to breach through for hackers.