Black Friday Report: Banking data theft will double in 2022

Kaspersky researchers report that the number of attacks via banking Trojans to steal payment data will double in 2022 compared to 2021, reaching nearly 20 million attacks.

In addition to this active campaign to steal bank data, cybercriminals have not stood still this year and have developed new fraud structures. On Black Friday in particular, scammers used a new type of phishing scheme for the first time using Buy Now Pay Later (BNPL) services. These are some of the findings of Kaspersky’s report “How Customers Were Being Scammed Amidst the Black Friday Season in 2022,” which aims to educate people on how to continue shopping safely in the fall.

Banking Trojans are common tools in the arsenal of cybercriminals taking advantage of the fall sales season. Once a consumer browses an online store, the Trojan horse stores all the data that the consumer enters into the site’s forms. This means that cyber criminals have access to the credit or debit card number, expiration date, CVV, and login credentials of the victim to the site. After obtaining this information, attackers can use it to drain the victim’s bank account, use card details for purchases, or sell the data on dark web stores.

Double attack

After the rapid decline in banking Trojan attacks in 2021, cybercriminals have returned to this type of threat with renewed vigor. In 2022, the number of attacks doubled compared to the same period in 2021. From January to November, Kaspersky products detected and prevented nearly 20 million attacks, which means that the total growth in the number of detections reached 92%.

Total number of banking Trojan attacks, 2020-2022 (Jan-October)

Sale season inevitably attracts the attention of shoppers and retailers. However, it is also a favorite time for cybercriminals, who do not hesitate to lure customers online. Cybercriminals create fake hot offers that expire quickly, forcing consumers to rush to get products for free or at a lower price. This is where cybercriminals capture freebie-hungry customers who care little about where they enter their data: phishing or genuine.

In 2022, Kaspersky experts also found numerous examples of phishing pages abusing BNPL services for the first time. These tools allow customers to split the purchase cost into several interest-free installments. Therefore, these services attract consumers, especially young people, and are especially popular during shopping periods such as Black Friday.

An example of such fraud is the abuse of a popular service called Afterpay, which has 20 million active users around the world. The perpetrators created a page that mimicked the official website and tricked unsuspecting victims into entering their credit card numbers and CVV into a fake form. After the user enters their credentials, cybercriminals attempt to steal as much money as possible from this card, draining the victim’s wallet.

The Afterpay simulated phishing page aims to access the potential victim’s account.

“This year’s shopping event – Black Friday – is not only a hot topic for merchants and their customers, but also for scammers who want to steal as much money as possible from impulsive customers. The new scheme involving buy now pay later (BNPL) exploited services only proves that cybercriminals They do not stop wanting to attack the victims and come up with new ways for this.In normal days the customer can easily understand: If the product is very cheap, it is probably a scam, but during the Black Friday sales period, this is not so obvious.Shoppers become less Therefore, they become easy targets for cybercriminals. That is why it is very important to pay attention to the site you are buying from and be careful with unknown companies,” said Olga Svistunova, security expert at Kaspersky.

Very cheap products are less visible during Black Friday and thus an easy way to scam consumers.

Read the full report on Securelist to learn more about Black Friday scams and scams.

Leave a Comment