Will you be scammed on Black Friday?

Research by RiskIQ shows that many supposed Black Friday e-commerce sites are not good for your financial health.

As part of an effort to understand the involvement of bad actors in the e-commerce space, RiskIQ tracked and appraised a large number of websites and apps linked to the upcoming Black Friday online shopping event.

According to their report, around 10% of mobile apps (located by searching for "black Friday") were, or should be, blacklisted as unsafe.

An analysis of nearly seven million sites and apps related to the names of the top five online retailers yielded more than a million instances of blacklisted online properties, or 15% of all hits.

As background, the company states, "The source of RiskIQ's Blacklists is our collection of internet data, which our collection architecture of virtual users gathers by scanning, crawling, and passive sensing the internet – including Web pages, mobile apps and stores, and a variety of social websites and apps. RiskIQ's crawling technology covers more than 300 million mobile devices, 1.8 billion HTTP sessions, 783 global locations across more than 100 countries, 16 million mobile apps, and 300 million domain records."

The company makes these general observations:

  • Ensure that you are only downloading apps from official app stores such as Google or Apple;
  • Be wary of applications that ask for suspicious permissions, like access to contacts, text messages, administrative features, stored passwords, or credit card info;
  • Just because an app appears to have a good reputation doesn't make it so. Rave reviews can be forged, and a high amount of downloads can simply indicate a threat actor was successful in fooling a lot of victims. Before downloading an app, be sure to take a look at the developer – if it's not a brand you recognize or has a strange appearance or spelling, think twice. You can even do a Google search on the developer for more clues about its reputation.
  • Make sure to take a deep look at each app. New developers, or developers that leverage free email services (e.g., @gmail) for their developer contact, can be enormous red flags – threat actors often use these services to produce mass amounts of malicious apps in a short period. Also, poor grammar in the description highlights the haste of development and the lack of marketing professionalism that are hallmarks of mobile malware campaigns.

iTWire would add that users should access e-commerce properties via their official websites and use those sites to locate and download the company-provided app.

