According to the National Retailer Federation, 36% of shoppers plan to purchase items on Cyber Monday, up from 34 percent in 2015, and total spending is expected to exceed $5.8 billion between Black Friday and Cyber Monday.
While Cyber Monday brings a wide range of deals and coupons to consumers, this special shopping day provides ample opportunities for hackers to fool customers into downloading malware in an effort to capture their personal and banking information. Threat actors will go so far as to use retailer’s names to create fraudulent branding and draw a customer to their site or mobile app.
In a report by RiskIQ, it was found that nearly 30 percent of spending on Black Friday and Cyber Monday will take place on mobile phones. RiskIQ ran a keyword query of their mobile app blacklist and database. And the results were staggering.
“1 in 10 mobile shopping apps out of the 5,315 apps that can be found by searching ‘Black Friday’ in global app stores is blacklisted (unsafe to use) as malicious.”
If you are planning on using your smartphone to buy that special gift, learn how to stay safe from malware and hackers this Cyber Monday with these five mobile shopping tips:
Only Download Official Shopping Apps
As mentioned above, hackers will be trying to trick you into thinking that their Cyber Monday deals app is the best one. Make sure you are only downloading shopping apps from an official app store such as Google Play or Apple.
Check Suspicious Permissions
If an app is asking for suspicious permissions, and access to contacts, text messages, administrative features, stored passwords, credit card information and more, do not proceed and delete the app.
Check the Developer, Not the Reviews
Hackers can add false reviews and downloads in an attempt to trick a customers that it's a trustworthy app. This means that you can't always trust a positive reputation. Be sure to search the developer of the app to add another layer of protection to your shopping experience.
“New developers, or developers that leverage free email services (e.g., @gmail) for their developer contact, can be enormous red flags — threat actors often use these services to produce mass amounts of malicious apps in a short period,” said the report.
Also, if the developer is not a brand you recognize or has a strange appearance or spelling, it could be another indication of a fake app.
Check That Grammar
When reading the app description highlights, poor grammar may be a red flag of a fake shopping app. The report indicated that a lack of marketing professionalism that are hallmarks of mobile malware campaigns is an obvious marker of fake apps.
Check Website Links from Social Media Sites
Many threats are going to come through your social media feeds. Before you click through on a link attached to an Instagram photo of that ideal gift, make sure to read the URL and if it looks suspicious, do not click.