Cybercriminals target holiday shoppers with malicious Black Friday apps

As Black Friday approaches, a new study has revealed that there are hundreds of potentially malicious Black Friday apps online targeting unsuspecting consumers.

RiskIQ's found that cybercriminals are taking advantage of these well-known brands to exploit the popularity of Black Friday and Cyber Monday shopping on the web and on mobile, as out of the 4,331 apps that show up after searching for “Black Friday”, more than five per cent were blacklisted as malicious.

Cybercriminals also appear to have focused their attention on the top five leading e-commerce brands and have created a combined total of 6,600 blacklisted apps containing the names of the brands in either their title or description.

Fake apps and websites

The company's 2018 Black Friday E-commerce Blacklist was compiled by analysing the results of keyword queries of its Global Blacklist and mobile app database for the most trafficked e-commerce brands during the Thanksgiving holiday. 

RiskIQ decided to release its report as an increasing number of consumers embrace the Thanksgiving tradition of searching for Black Friday bargains online. 

In 2017, online shoppers spent $19.6bn over Black Friday and Cyber Monday according to the Adobe Digital Index. Cybercriminals and fraudsters are looking to exploit this trend by setting up fake mobile apps and landing pages with fraudulent branding that they will use to lure consumers into downloading malicious apps and visiting other fraudulent or malicious sites.

Additionally, RiskIQ detected an average of 89,837 monthly instances of the digital credit card-skimmer magecart between August and October of this year.

Black Friday and Cyber Monday are an excellent opportunity to save while doing your holiday shopping but we recommend consumers do so carefully and securely by visiting known sites and using trusted apps.

Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.