Tricking someone into clicking on a fake website and turning over their personal data has been a favorite scam of hackers, and it doesn’t seem to be abating, with security firm Cyren reporting a fake Michael Kors shopping website coming in as the highest volume non-malware attack of all of 2016.
In a blog post Thursday (Dec. 22), Cyren said a spam attack for the fake Michael Kors website is the highest Cyren’s security cloud has seen this year. Cyren noted traditional ransomware distribution volumes aren’t up that much during the holiday seasons. That “is actually not good news, since they continue at their normal, torrid pace. It only shows that the criminal gangs behind them don’t take a holiday during the holidays,” Cyren said in the blog post.
As for spam around the holidays, Cyren found that 78 percent of emails this past week with the word “Christmas” in the subject line are spam. “Considering that Cyren inspects billions of emails every day, that’s a lot of lumps of coal in inboxes,” it said.
While Michael Kors shoppers may have something to worry about, it’s not only fake websites consumers have to contend with. According to recent reports by The New York Times, this holiday season, there has been a flurry of fake retail and product apps popping up in the Apple App Store. They sometimes pretend to be real retail chains, like Dollar Tree and Foot Locker, or big department stores, like Dillard’s and Nordstrom, or online product bazaars, like Zappos.com and Polyvore, or even luxury brands, like Jimmy Choo, Christian Dior and Salvatore Ferragamo. “We’re seeing a barrage of fake apps,” said Chris Mason, chief executive of Branding Brand. Not all are theft-oriented — some are essentially harmless spam apps. But some are not so harmless, as they take credit cards that can be reused fraudulently or install malware that can steal personal information or even lock the phone until the user pays a ransom.