黑色星期五威胁报告（英文版）

2025-04-23 0 0 1.65MB 23 页 5.8玖币

侵权投诉

–

Kaspersky Lab

Beyond Black Friday Threat Report 2017

Contents

Introduction ........................................................................................................................ 2

Methodology and Key Findings .......................................................................................... 3

Phishing – a universal threat .............................................................................................. 4

A new pool for phishers ...................................................................................................... 5

Financial phishing on the rise ............................................................................................. 7

Types of financial phishing ................................................................................................. 9

Black Friday attacks ......................................................................................................... 12

Examples of financial phishing attacks in 2017 ................................................................. 13

Conclusion and advice ..................................................................................................... 20

Kaspersky Lab

Beyond Black Friday Threat Report 2017

Introduction

The festive holiday shopping season, which covers Thanksgiving, Black Friday and Cyber

Monday in late November as well as Christmas in December, now accounts for a significant

share of annual sales for retailers, particularly in the U.S., Europe and APAC.

Those selling clothing, jewellery, consumer electronics, sports, hobbies and books can make

around a quarter of their sales during the holiday period. In 2017, holiday sales in the U.S.

alone are expected to be up by 3.6 to 4.0 per cent on the same time in 2016.

For brands looking to make the most of this annual spending spree, the desire to sell as much

as possible at a time of intense competition is leading to ever more aggressive marketing

campaigns – particularly online.

Promotional emails, banner ads, social media posts and more bombard consumers over the

holiday months; generating a great deal of noise. Tactics such as one-click buying are designed

to making the purchase process ever easier and faster. Further, up to three quarters of emails

received on Black Friday and Cyber Monday are now opened on a mobile device. People are

becoming used to making instant decisions – and that has significant security implications. They

may miss vital signs that things are not what they seem and their data could be at risk.

All this makes this time of year an ideal hunting ground for hackers, phishers and malware

spreaders; disguising their attacks as offers too good to refuse, a concerned security message

from your bank requiring urgent attention, a special rate discount from your credit card service, and

more. All you have to do is enter your personal details, card numbers or bank account credentials.

Messages or links designed to look as if they come from well-known, trusted brands, payment

cards and banks account for many of the malicious communications detected by Kaspersky

Lab’s systems in the last few years. But with studies showing that consumers are more

interested in price and convenience than brand loyalty, there may be growing opportunities for

cybercriminals who lack the skills or resources to create these and have to take the risk that

consumers will entrust all to an unknown brand name or site.

This overview of financial phishing during the fourth quarter of the year updates the

findings of the Black Friday Threat Overview 2016. It covers the types and timing of

financially motivated cyberthreats that buyers, sellers and providers of payment

systems may face over the holiday season – and offers advice on how to stay safe.

Kaspersky Lab

Beyond Black Friday Threat Report 2017

Methodology and Key Findings

The overview is based on information gathered by Kaspersky Lab’s heuristic anti-phishing

component that activates every time a user tries to open a phishing link that has not yet been added

to Kaspersky Lab’s database. Data is presented either as the number of attacks or the number

of attacked users. It updates the 2016 Black Friday overview report with data covering the

fourth quarter of 2016 through to 18 October, 2017.

The festive holiday shopping period now extends from October through to the end of December,

encompassing pre-holiday purchase planning (more than half of U.S. holiday shoppers start

researching and planning what to buy in October) as well as the Black Friday/Cyber Monday

weekend and the run up to Christmas.

Key Findings:

• Following a decline in 2015, financial phishing abusing online payment systems, banks and

retailers increased again in 2016.

• Financial phishing now accounts for half (49.77 per cent) of all phishing attacks, up from

34.33 per cent in 2015.

• Mobile-first consumers are likely to be a key driver behind the rise in financial phishing: the use

of smartphones for online banking, payment and shopping has doubled in a year, and mobile

users will have less time to think and check each action, particularly if they are out and about.

• Attack levels are now fairly consistent throughout the year; and Q4 data shows they are

also more evenly spread in terms of the brand names the phishers make use of.

• Data for both 2015 and 2016 shows a clear attack peak on Black Friday, followed by a fall. In

2016 the number of attacks fell by up to 33 per cent between Friday and Saturday, despite

Saturday being the second biggest shopping day over the holiday weekend in the U.S.

• Financial phishers are exploiting the Black Friday name in their attacks, as well as

consumer awareness of, and concerns about online security – disguising their attack

messages as security alerts, implications that the user has been hacked, or adding

reassuring-sounding security messages.

More about these findings can be found in the overview.

Kaspersky Lab

Beyond Black Friday Threat Report 2017

Phishing – a universal threat

As earlier editions of the Black Friday overview have shown, phishing is one of the most

popular ways of stealing personal information, including payment card details and credentials

to online banking accounts. The schemes are fairly easy to set up, requiring limited investment

and skills – and are mainly reliant on encouraging people to voluntarily part with their personal

and financial information.

Originally spread mainly through emails – phishing attacks are now also carried out through

website banners and pop-ups, links, instant messaging, SMS, forums, blogs and social media.

Fig. 1: Percentage of users on whose computers Kaspersky Lab’s heuristic anti-phishing system was triggered as a proportion of

the total number of Kaspersky Lab users in that country, Q1-Q3 2017

Phishing has a global reach. Kaspersky Lab data on attempted attacks shows that in 2017, China,

Australia, Brazil were particularly vulnerable – with up to a quarter or more (28 per cent) of users

targeted. Followed by North America, large parts of Western Europe, the Russian federation, Latin

America, India and elsewhere – where up to one in six (17 per cent) were affected.

文档加载中……请稍候！
如果长时间未打开，您也可以点击刷新试试。

下载文档到电脑，查找使用更方便

5.8 玖币 0人已下载

立即下载

摘要：

–KasperskyLabBeyondBlackFridayThreatReport20171ContentsIntroduction........................................................................................................................2MethodologyandKeyFindings..........................................................................................

展开>> 收起<<

黑色星期五威胁报告（英文版）.pdf

共23页,预览5页

还剩页未读，继续阅读

声明：本站为文档C2C交易模式，即用户上传的文档直接被用户下载，本站只是中间服务平台，本站所有文档下载所得的收益归上传人(含作者)所有。玖贝云文库仅提供信息存储空间，仅对用户上传内容的表现方式做保护处理，对上载内容本身不做任何修改或编辑。若文档所含内容侵犯了您的版权或隐私，请立即通知玖贝云文库，我们立即给予删除！

黑色星期五威胁报告（英文版）

相关推荐

开通VIP享超值会员特权

作者详情

相关内容

热门标签

举报选择: