December 22, 2021 By David Bisson 2 min read

The number of malicious shopping-related websites increased 178% ahead of the 2021 holiday shopping season, according to Check Point Research. See how to recognize and prevent e-commerce fraud.

A spike in e-commerce fraud websites

Beginning in October, Check Point Research observed an average of 5,300 malicious e-commerce fraud websites emerge each week. That marks a rise of 178% compared to the average for the rest of the year.

The impact of those websites also began to pick up in that period. Earlier in the year, the sites affected one of 352 corporate networks. That impact rose to one in 47 in October. At the beginning of November, it was one in 38.

Those websites involved various types of malicious activity. In one attack campaign, for instance, Check Point Research witnessed malicious actors send out emails advertising “Cheap HandBags” and “Up to 80% OFF Michael Kors HandBags”. Those e-commerce fraud emails contained a link to similar websites hosted on or around Oct. 19.

Another attack campaign sent out a fake “Urgent notice” from an online retailer. The email informed the recipient that the online retailer had failed to renew their account. It contained a link that redirected recipients to a website designed to steal their account credentials.

What e-commerce attacks mean for security

Over the course of 2021, Imperva observed that bot attacks on retail websites increased 13% compared to the same months in the previous year.

Over half (57%) of those attacks on e-commerce websites involved bots, the security firm found. By comparison, bots were behind just a third of attacks on the sites of other industries in 2021.

Bots weren’t the only drivers of e-commerce fraud in 2021, either. At the beginning of December, for instance, Bleeping Computer reported that attackers were using a threat called NginRAT to target the remote access capabilities provided by Nginx servers and to conduct server-side attacks for the purpose of stealing users’ payment card data.

NginRAT appeared on e-commerce servers in North America and Europe that digital attackers had previously infected with CronRAT.

Looking ahead, the rest of the 2021 holiday season isn’t expected to improve for shopping-related websites. Per Zscaler, security researchers estimate that HTTPS threats on e-commerce platforms will grow 314% through the rest of the year.

How to defend against e-commerce fraud this holiday season

In response to the attacks discussed above, organizations can use security awareness training to educate employees about potentially malicious e-commerce websites.

Teams can focus on cultivating their employees’ suspicions of lookalike domains pretending to be retailer websites, holiday shopping offers that appear too good to be true and password reset emails that arise out of nowhere.

In addition, adopt a multifaceted approach to endpoint security that monitors for inappropriate device behavior and controls access to resources. Such methodology can help you quickly respond to instances of malicious e-commerce sites carrying ransomware or other types of digital threats.

More from News

Hackers are increasingly targeting auto dealers

3 min read - Update as of July 11, 2024 In late June, more than 15,000 car dealerships across North America were affected by a cyberattack on CDK Global, which provides software to car dealers. After two cyberattacks over two days, CDK shut down all systems, which caused delays for car buyers and disruptions for the dealerships. Many dealerships went back to manual processes, including handwriting up orders, so that sales could continue at a slower pace. Car buyers who recently bought a car from…

CISA director says banning ransomware payments is off the table

3 min read - The FBI, CISA and NSA all strongly advise against organizations making ransomware payments if they fall victim to ransomware attacks. If so, why not place a ban on paying ransomware demands? The topic came up at a recent Oxford Cyber Forum. Jen Easterly, Director of CISA, commented on the issue, saying, “I think within our system in the U.S. — just from a practical perspective — I don’t see it happening.” It’s unlikely this was a purely spontaneous remark as the…

A proactive cybersecurity policy is not just smart — it’s essential

3 min read - It’s easy to focus on the “after” when it comes to cybersecurity: How to stop an attack after it begins and how to recover when it's over. But while a reactive response sort of worked in the past, it simply is not good enough in today’s world. Not only are attacks more intense and more damaging than ever before, but cyber criminals also use so many different attack methods. Zscaler ThreatLabz 2024 Phishing Report found that phishing attacks increased by…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today