Love is in the air—and cybercriminals are taking advantage


Malicious Valentine’s Day-themed phishing campaigns are up 29% from last year, according to Check Point Research.

Valentine’s Day-themed phishing campaigns are up 29% from last year, according to Check Point Research.

Image: Check Point Research

Love may be blind, but cybercriminals are not. Over 400 malicious Valentine’s Day-themed phishing individual email campaigns were spotted on a weekly basis in January, according to Check Point Research.

There was also a 29% year-over-year increase in Valentine’s Day-themed domains registered last month, the security firm said. Out of 23,000 domains, 523 were found to be malicious or suspicious, Check Point said.

“We’ve been studying Valentine’s Day shopping scams for a few years now. The jump between this year and last year has been the most substantial,” said Ekram Ahmed, a Check Point spokesperson. “We suspect the primary driver behind the trend is coronavirus.”

SEE: Incident response policy (TechRepublic Premium)

Right now shoppers are increasingly avoiding malls and brick and mortar stores and they are increasingly relying on online shopping, Ahmed said. “Hackers see the behavior change as an opportunity.”

Most of the phishing scams are focused on buyer fraud, and in some cases, they have reused themes and webpages from past phishing campaigns, the firm said.

For example, researchers found an email pretending to be from Pandora that was similar to one they saw being used in Black Friday-related campaigns in November 2020.

“The email’s aim was, as usual, to entice the user into purchasing jewelry items by offering them at unreasonably cheap prices, on a fake Pandora webpage which tries to imitate the look and feel of the real site,” Check Point said.

The fraudulent email sent the year has not changed (“2020 Pandora Official site” instead of 2021) and the company address is written in lower-case (“northern lakes lane, laurel, md, 20723”), according to Check Point.

“These are signs that the email is from a dubious source, and the website is fake. Of course, the sender name has been changed to imitate the brand, but the email address is clearly not related to it.”

Anyone who clicks on the links in the email will be redirected to a fraudulent page (www[.]pcharms[.]com) which tries to imitate the “Pandora” website.

From: Pandora Outlet (xwxrp@langqicyu[.]wang)

Email Subject: Valentine’s Day Give The Gift They Really Want…👩

As people go online to purchase gifts, they should be aware that phishing attacks are often extremely targeted, generally well planned, and backed by a huge amount of research, Check Point said. While cybercriminals leverage different attack vectors, email is the most common one, the firm said.

Other common attack vectors are phishing sites and text messages usually aimed at stealing credentials to perform account takeovers. These can lead to devastating results such as data loss, fraudulent money transfers, and more.

Because these attacks are designed to exploit the human nature of wanting a good deal, it is important to read emails carefully because even the most vigilant and cyber-savvy can sometimes get fooled, the firm said.

The primary vector of these scams is email, Ahmen stressed. “All Valentine’s Day shoppers should think twice before opening up an email from consumer brands.” Make sure to double-check the sender’s email address and don’t click on promotional links in emails. It’s better to Google the desired retailer and click the link from the Google results page, Check Point said.

SEE: How a successful phishing attack can hurt your organization (TechRepublic)

The firm further advises:

  • Always be suspicious of unsolicited password reset emails.

  • Always note the language in the email since social engineering techniques are designed to take advantage of human nature.

  • Beware of “special” offers such as an 80% discount on a new iPhone or an item of jewelry since it’s usually not a reliable or trustworthy purchase opportunity.

  • Look for misspellings.

  • Beware of lookalike domains, spelling errors in emails or websites, and unfamiliar email senders.

Also see



Source link