Black Friday is a field day for fraudsters, says security expert FICO
Consumers and businesses at risk as volume of trade attracts cybercriminals
Black Friday is a dangerous time for consumers because criminals use it as an opportunity for fraud, says security expert FICO.
“Whenever people are buying more, it’s an opportunity for criminals to strike, which makes Black Friday a dangerous time,” the company says.
Jason Keegan, vice president and general manager of the fraud and protection business at FICO, said: “We have made continual AI and machine learning innovations available. Last Black Friday we sent 2.3 million fraud alerts to banking customers.”
Consumers are not the only ones facing cyber attacks as the Christmas shopping season begins. Retailers are also under siege from criminals with an estimated 20,000 fraud attempts already this season. GBG, an indentity and security firm, said that last year more than 18,000 fraud attempts were made against each UK retailer on average during the period between Black Friday and the January sales.
Around 50 per cent of attempts were successful, costing businesses around £37,800 each.
FICO says that aside from shopping fraud, social engineering is an emerging trend and criminals are using fake emails and texts from the victim’s own network of friends, family and business colleagues to request money transfers.
“Criminals are exploiting these direct payments and Faster Payments by masquerading as contractors you do business with, and if you make the payment you may be liable.”
Sarah Knowles, senior security consultant at Nexor, says small businesses need to be particularly wary.
“Not only can a cyber attack cause your business loss of earnings and reputation, but if a data breach also occurs you may be liable to fines imposed by the Information Commissioners Office (ICO), especially if you have failed to put controls in place to protect your business,” she said. “Small businesses, particularly those in the financial sector are likely to hold client data that would be seen as valuable to an attacker, so prevention from cyber attackers is imperative is soon as possible.”
In October, the National Cyber Security Centre (NCSC), part of GCHQ, revealed that it had provided banks with the details of more than a million stolen credit cards. The agency also claimed it had prevented more than 177,000 malicious phishing attacks that attempted to trick people into handing over their passwords.
FURTHER READING: Alibaba's sales jumped 25 per cent to $23bn during Singles' Day
FURTHER READING: UK retail sales growth softens in Q3