Threat Defiance Report



According to PwC’s annual Global State of Information Security Survey 2017, the retail and consumer sector suffered over 4,000 security incidents over the last year.

SecurityScorecard’s analysis of the 50 least secure U.S. retail companies revealed that 30% of the bottom performers were clothing stores, followed by department stores and car dealerships1. However, the good news is credit card fraud was down 29% during this year’s Black Friday/Cyber Monday weekend, which is traditionally one of the busiest weekend for retail and e-commerce. Helpnetsecurity.com attributes this decrease in claims from retail outlets to improvements in identifying and preventing credit card fraud2.

We are following the three scams below that continue to plague online shoppers post Black Friday/Cyber Monday deals:


Cybercriminals know that more consumers are turning to online shopping versus traditional brick and mortar stores for holiday gifts. Large online retailers such as Amazon, Walmart and Apple receive the largest amount of sales and the most targets by scammers. The Better Business Bureau reported in early November that a legitimate-looking email, complete with logos and brand colors, from “Amazon.com” is circulating. The email attempts to convince victims to click on a malicious link to purportedly confirm the victim’s address linked to their Amazon account3.


PayPal phishing scams up the ante by sending alluring phishing emails via a legitimate PayPal address, service @intl[.]paypal[.]com. The email is delivered directly to victims’ inboxes rather than being filtered to spam folders. HackRead.com asserts the scam’s end goal is to steal PayPal login credentials, addresses, credit card data, banking data, passports, identity cards and driver licenses from victims. The phishing email tricks victims into thinking their billing information has changed and directs them to an unassuming link to correct their profile. However, the link brings victims to a PayPal look-alike page that collect stheir log-on information, asks them to enter sensitive personal data (e.g., address, phone number, date of birth, etc.) and even asks for verification of credit card details. At this time, investigators have not announced how the cybercriminals are able to use the official PayPal service email address. PayPal users should avoid using links from emails and navigate to their PayPal accounts independent of pre-suggested links. Additionally, users should verify that all PayPal sites are https secure (have the green lock present) in the address bar before logging onto their account4


Shopping on mobile devices can be riskier than on a standard computer. The additional risk is due to shortened or less visible URLs (due to the smaller screen), fake apps and small print asking for a variety of accesses (e.g., locations, pictures, account data) associated with downloading apps. Although Google Play and Apple App Store actively remove malicious apps, some infected apps inevitably make it through screening process. Typically these are in the form of free apps. Arstechnica reported in September that at least 50 apps in the Google Play store charged fees without users’ knowledge or permission. This practice resulted in as many as 4.2 million downloads and infection of more than 5,000 devices. In this example, the malware family ExpensiveWall uploaded phone numbers, hardware identifiers and location data to servers controlled by the attackers. The stolen phone numbers were later found to register for premium app services and to send text messages. 

During the holidays, mobile shopping is increasingly risky due to a bombardment of holiday-related discounts associated with downloading new apps or links to unverified webpages. To keep yourself safe, we recommend reading the following articles5.  

  1. https://www.pcmag.com/article2/0,2817,2373131,00.asp
  2. https://www.darkreading.com/risk/ten-tips-to-stay-safe-with-your-smartph...
  3. https://www.csoonline.com/article/3197684/internet/the-modern-guide-to-s...
  4. https://staysafeonline.org/blog/proactive-online-safety-tips/
  5. https://staysafeonline.org/wp-content/uploads/2017/11/NCSA_Holiday_Shopp...
  6. http://www.securityweek.com/its-wonderful-time-yearfor-hackers

1SecurityScorecard; 2017 Retail and E-Commerce Report; https://explore.securityscorecard.com/retail-cybersecurity-research-repo...

2Help Net Security; Credit Card Fraud is Down 29% for the First Time; https://www.helpnetsecurity.com/2017/12/01/credit-card-fraud-down/

3Better Business Bureau; A New Scam Targeting Amazon Shoppers; https://www.bbb.org/acadiana/news-events/bbb-scam-alerts/2017/10/a-new-s...

4HackRead; A Tricky PayPal Phishing Scam That Coms From Official PayPayl Email; https://www.hackread.com/a-tricky-paypal-phishing-scam-that-comes-from-o...