image

RedAlert! Don't get hacked on the Black Friday Sale!

Cybersecurity researchers say that a scamming group has been operating fake websites advertising Black Friday deals for popular brands in order to steal shoppers’ credit card information and personal details.

In a new report, the firm EclecticIQ says it believes the group behind the phishing websites, which it dubbed SilkSpecter, lures consumers in the U.S. and Europe to websites that mimic real companies with promotions for deals up to 80 percent off.

“The campaign leveraged the heightened online shopping activity in November, the peak season for Black Friday discounts,” EclecticIQ wrote. “The threat actor used fake discounted products as phishing lures to deceive victims into providing their cardholder data … and personally identifiable information.”

Some of the websites run by SilkSpecter include: northfaceblackfriday.shop, wayfareblackfriday.com, llbeanblackfriday.shop, blackfriday-shoe.top, ikea-euonline.com, and dopeblackfriday.shop.

When a shopper visited one of those websites, SilkSpecter uses popular internet tracking tools from Meta and TikTok, called pixels, to detect where the shopper is located and translate the page to their native language, making it appear more authentic, according to EclecticIQ’s analysis.

The sites used the popular Stripe payment platform to collect shoppers’ credit card information and other details to further make the purchases appear legitimate. But as shoppers entered that sensitive information, SilkSpecter’s websites were collecting and transmitting it to an external server.

EclecticIQ warned that some of the information collected could also be used to target victims with further attacks to compromise multi-factor authentication and breach sensitive accounts.

Shopping scams are common in the build up to the holiday season and the federal Cybersecurity and Infrastructure Security Agency (CISA) recommend that shoppers take several precautionary steps to stay secure. That includes checking to ensure the device you’re shopping on is up to date, creating strong passwords on your shopping accounts, and verifying that the websites you’re buying from are legitimate.