Study of malicious web properties finds 1 in 10 Black Friday mobile apps are blacklisted
SAN FRANCISCO – November 20, 2016 — RiskIQ, the leader in digital risk management, today released the Black Friday eCommerce Blacklist, a cyber research study analyzing the results of keyword queries of their Global Blacklist and mobile app database for five of the leading eCommerce brands. The results revealed the methods cyberthreat actors could employ this Black Friday shopping season, as well as where they’re targeting malicious efforts.
The report’s findings confirmed that threat actors are using these well-known brands specifically to exploit the popularity of Black Friday shopping in both web and mobile:
• Of Black Friday-specific apps: 1 in 10 mobile apps out of the 5,315 total that can be found searching “Black Friday” in global app stores is blacklisted as malicious, or apps that can trick users into downloading malware, giving up their login credentials and credit card information
• Threat actors have focused on the top five leading brands in eCommerce. These brands have a combined total of more than one million blacklisted apps that contain their branded terms in the title or description
• The top five retail brands leading in eCommerce have had a combined total of more than 1,950 blacklisted URLs that contain their branded terms as well as “Black Friday” that are linked to phishing, malware, or spam
The report was released as an exponentially increasing number of consumers embrace the Thanksgiving tradition of hunting for Black Friday bargains online: according to Adobe Digital Index, in 2015, online shoppers filled eCommerce cash registers with more than $5.8 billion in sales over Black Friday and Cyber Monday. But ever the opportunists, threat actors set up their operations where the money is, leveraging top eCommerce brands to exploit user traffic looking for Black Friday deals and coupons.
By setting up fake mobile apps and landing pages with fraudulent branding, they fool consumers into downloading unsafe apps and visiting pages that redirect them to other fraudulent or malicious sites. Nearly 30 percent of this massive influx of spend caused by Black Friday and Cyber Monday will take place on mobile devices, making shoppers increasingly at risk of encountering threats in the mobile space.
The source of RiskIQ’s blacklists is through the collection of internet data, which it gathers by scanning, crawling, and passive-sensing the internet—including web pages, mobile apps and stores, and social websites and apps. RiskIQ’s crawling technology covers more than 300 million mobile devices, 1.8 billion HTTP sessions, 783 global locations across more than 100 countries, 16 million mobile apps, and 300 million domain records.
RiskIQ is a cybersecurity company that helps organizations discover and protect their external-facing known, unknown, and third-party web, mobile, and social assets. The company’s External Threat Management platform combines a worldwide proxy and sensor network with synthetic clients that emulate users to monitor, detect, and take actions against threats. RiskIQ is used by thousands of security analysts including many from the Fortune 500 and leading financial institutions to protect their digital assets, users, and customers from external security threats. The company is headquartered in San Francisco, California, and backed by Summit Partners, Battery Ventures, Georgian Partners and MassMutual Ventures. Information security professionals can sign up for a fully functioning trial version of PassiveTotal for free by visiting www.riskiq.com/whats-new-passivetotal.
To learn more about RiskIQ, visit www.riskiq.com.