Home Security Will you be scammed on Black Friday?

Research by RiskIQ shows that many supposed Black Friday e-commerce sites are not good for your financial health.

As part of an effort to understand the involvement of bad actors in the e-commerce space, RiskIQ tracked and appraised a major number of websites and apps linked to the upcoming Black Friday online shopping event.

According to their report, around 10% of mobile apps (located by searching for "black Friday") were, or should be, blacklisted as unsafe.

An analysis of nearly seven million sites and apps related to the names of the top five online retailers yielded more than a million instances of blacklisted online properties or 15% of all hits.

As background, the company states, "The source of RiskIQ's Blacklists is our collection of internet data, which our collection architecture of virtual users gathers by scanning, crawling, and passive sensing the internet – including Web pages, mobile apps and stores, and a variety of social websites and apps. RiskIQ's crawling technology covers more than 300 million mobile devices, 1.8 billion HTTP sessions, 783 global locations across more than 100 countries, 16 million mobile apps, and 300 million domain records."

The company makes these general observations:

  • Ensure that you are only downloading apps from official app stores such as Google or Apple;
  • Be wary of applications that ask for suspicious permissions, like access to contacts, text messages, administrative features, stored passwords, or credit card info;
  • Just because an app appears to have a good reputation doesn't make it so. Rave reviews can be forged, and a high amount of downloads can simply indicate a threat actor was successful in fooling a lot of victims. Before downloading an app, be sure to take a look at the developer – if it's not a brand you recognize or has a strange appearance or spelling, think twice. You can even do a Google search on the developer for more clues about its reputation.
  • Make sure to take a deep look at each app. New developers, or developers that leverage free email services (e.g., @gmail) for t heir developer contact, can be enormous red flags – threat actors often use these services to produce mass amounts of malicious apps in a short period. Also, poor grammar in the description highlights the haste of development and the lack of marketing professionalism that are hallmarks of mobile malware campaigns.

iTWire would add that users should access e-commerce properties via their official websites and to use those sites to locate and download the company-provided app.

HOW TO OFFER 4G TO YOUR CUSTOMERS

Download an information pack to learn more about how you can offer competitive 4G plans to your customers.

> everything you need to operate your own 4G telco

> support for you and your customers

> billing, back-end and full compliance.

DOWNLOAD NOW!

HOW TOP MANAGERS MOTIVATE, ENERGISE EMPLOYEES

Download an in-depth guide to managing a healthy, motivated and energetic workforce without breaking the bank.

DOWNLOAD NOW!

David Heath

joomla statistics

David Heath has over 25 years experience in the IT industry, specializing particularly in customer support, security and computer networking. Heath has worked previously as head of IT for The Television Shopping Network, as the network and desktop manager for Armstrong Jones (a major funds management organization) and has consulted into various Australian federal government agencies (including the Department of Immigration and the Australian Bureau of Criminal Intelligence). He has also served on various state, national and international committees for Novell Users International; he was also the organising chairman for the 1994 Novell Users' Conference in Brisbane. Heath is currently employed as an Instructional Designer, building technical training courses for industrial process control systems.

 

 

 

 

Connect

Join the iTWire Community and be part of the latest news, invites to exclusive events, whitepapers and educational materials and oppertunities.
Why do I want to receive this daily update?
  • The latest features from iTWire
  • Free whitepaper downloads
  • Industry opportunities