NormShield Blog

Black Friday Special: Potential Phishing Sites Have Quadrupled in The Last 6 Months


Every year, more Black Friday shopping shifts to online stores, away from old traditions such as camping just outside the stores and rushing the gates. Online stores make it easier to shop, search among different types of items, and get the Black Friday specials.

While “less in-store shopping on Black Friday” becomes a trend, US online sales are expected to increase almost 15 percent this year. Sales on Black Friday are now expected to reach a record-breaking amount (a total of $1 trillion). But this is not the only record to be broken this Black Friday. Our research shows that the number of potential phishing sites for the most popular online stores has increased significantly in the last month.

Almost 4,000 potential phishing sites popped up

Phishing Domains

Phishing domains are copycats of legitimate websites that trick users into entering their personal and payment information. Hackers usually send phishing e-mails that lure individuals with false hopes (like a 60% discount) on a certain website. These e-mails include a link to a phishing domain.

Name-blending (look-alike) phishing domains often swap easily confused letters (“u” and “v” or “t” and “f”) and/or put additional characters in the domain (ex-ample.com for example.com). These typo-squatting techniques are quite effective for attackers.
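The check below is an added example, not NormShield's code: it flags a candidate domain that matches a brand after undoing the two tricks described above, a confusable-letter swap and a single inserted character. The brand `fastvault.example`, the candidate list, and all function names are constructed for illustration, and inputs are assumed to be registrable domains without subdomains.

```python
# Added example: flags the look-alike tricks the article describes.
# The brand "fastvault.example" and all candidates are constructed sample data.

# Letter pairs named in the article ("u"/"v", "t"/"f"); each pair folds to one letter.
CONFUSABLE = {"v": "u", "f": "t"}

def label(domain):
    """Leftmost label, lowercased (assumes a registrable domain, no subdomains)."""
    return domain.lower().split(".")[0]

def fold(text):
    """Replace each confusable letter with its pair's representative."""
    return "".join(CONFUSABLE.get(ch, ch) for ch in text)

def one_insertion(longer, shorter):
    """True if `longer` is `shorter` with exactly one extra character."""
    if len(longer) != len(shorter) + 1:
        return False
    i = 0
    while i < len(shorter) and longer[i] == shorter[i]:
        i += 1
    return longer[i + 1:] == shorter[i:]

def classify(candidate, brand):
    """Return the trick that makes `candidate` resemble `brand`, or None."""
    c, b = label(candidate), label(brand)
    if c == b:
        return None  # same name; not one of the tricks covered here
    if fold(c) == fold(b):
        return "letter-swap"
    if one_insertion(c, b):
        return "inserted-char"
    if one_insertion(fold(c), fold(b)):
        return "swap+insert"
    return None

def scan(candidates, brand):
    """Map each flagged candidate to the reason it was flagged."""
    hits = {d: classify(d, brand) for d in candidates}
    return {d: why for d, why in hits.items() if why}

if __name__ == "__main__":
    seen = ["tastvault.example", "fast-vault.example", "fast-uault.example",
            "gardenhose.example", "fastvault.example"]
    print(scan(seen, "fastvault.example"))
```

Run against newly registered domains for your own brand, this gives a short review list; extend `CONFUSABLE` with other pairs you see abused.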

Phishing sites that potentially target Black Friday shoppers

We checked the potential phishing sites created in the last six months that might be impersonating the nine most popular online stores, including Amazon, Ebay, Alibaba, Walmart, Newegg, and others. We conducted our research with NormShield’s Free Potential Phishing Domain Search.

For the most popular online stores, there are almost 4,000 potential phishing sites registered in the last six months. Half of them are for just one online store.

Online-Store phishing sites have quadrupled in the last 6 months

In June 2018, 1,089 potential phishing domains were registered for the online stores of interest. From June to today, that number has grown to 3,869. In the last 3 months, the number of potential sites doubled. The increase slowed slightly in the last month.

One fifth of the potential phishing domains have SSL or TLS certificates

Websites use SSL certificates to secure user entries. When a website obtains an SSL or TLS certificate, it is counted as secure and https appears in the address bar. https gives users a feeling of trust. Hackers try to exploit this trust by obtaining an SSL or TLS certificate for their phishing sites.

We have found that more than one fifth of the potential phishing domains have valid SSL or TLS certificates.


Tips to avoid phishing domains

The following simple tips are useful for avoiding phishing domains while enjoying your Black Friday shopping.

  1. Do not click on the links in suspicious e-mails. Think before you click.
  2. Check the domain name for letter swapping and other phishing tricks.
  3. Consider using anti-virus programs and an anti-phishing toolbar.
  4. Keep your browser up-to-date.
  5. Verify the web site’s security by looking for the padlock sign at the beginning of https. Click on the padlock to check the owner of the certificate.