top of page
griffin jd.jpg

PROJECT: COMBATTING SOCIAL ENGINEERING AND PHISHING THREATS ON CYBER MONDAY - 2 DECEMBER 2024

YOU MAY SHARE THIS PUBLIC DOCUMENT

 

Cyber Monday is a hallmark of the holiday shopping season, bringing an avalanche of online deals and an equally large wave of cyber threats. As consumers flock to e-commerce sites in pursuit of discounts, cybercriminals ramp up efforts to exploit the online frenzy. Social engineering and phishing attacks, designed to manipulate and deceive, are among the most common tactics. Strengthening cybersecurity during Cyber Monday is essential to ensure a safe and enjoyable consumer shopping experience and a secure business operating environment.


Cyber Monday and Black Friday share significant overlaps in the types of cybersecurity threats consumers and businesses face, primarily because both involve heightened online and offline shopping activity, increased transactional volume, and a surge in marketing communication.


Read our previous warnings for more context:

 

THE DANGERS:

  • Social engineering leverages psychological manipulation to deceive victims into divulging sensitive information.

  • On Cyber Monday, these tactics may include:

    • Impersonation: Fraudsters pose as customer support agents, payment processors, or courier services to gain trust.

    • Pretexting: Attackers fabricate scenarios, such as a problem with a payment, to trick shoppers into sharing financial details.

    • Baiting: Fake "too-good-to-be-true" deals lure victims into compromised websites.

  • Phishing attacks are particularly rampant during Cyber Monday due to the sheer volume of online activity.

  • Common methods include:

    • Fraudulent messages or emails containing links to fake websites or malicious attachments.

    • Text messages called smishing (SMS phishing) mimic legitimate retailers, prompting users to click malicious links.

    • Spoofed websites or cloned versions of popular retail platforms are designed to steal credentials or payment information.

·         Cyber Monday is a prime hunting ground for cybercriminals due to several factors:

  • The increase in online sales and the mere volume of transactions creates a vast pool of potential victims.

  • Consumers often make quick decisions to secure limited-time deals, compromising their vigilance.

  • Smaller retailers rushing to capitalise on the shopping surge may lack comprehensive cybersecurity measures.

 

MEASURES AGAINST THE DANGERS OF SOCIAL ENGINEERING AND PHISHING:

  • The first line of defence is awareness.

    • Look for telltale signs such as spelling errors, generic greetings, and unsolicited requests for sensitive information.

    • Hover over links in emails and messages to check if the URL matches the claimed source.

    • Share details only on verified websites and apps.

  • Both individuals and businesses can deploy technology to enhance security:

    • Multi-factor authentication (MFA) adds a layer of security by requiring additional verification beyond passwords.

    • Antivirus and anti-phishing software detects and blocks malicious content.

    • Secure payment gateways ensure that online transactions are encrypted and safe from interception.

  • Retailers must implement stringent security measures to protect their customers and systems:

    • SSL Certificates encrypt website traffic to secure sensitive data.

    • Regular updates and patches: Address vulnerabilities in software and plugins.

    • Behavioural analytics detects unusual patterns, such as multiple failed login attempts or high-volume transactions from a single IP address.

  • Consumers can adopt practical habits to reduce their risk:

    • Use credit cards instead of debit cards, which often offer better fraud protection.

    • Shop from known retailers and stick to well-established stores or verified third-party marketplaces.

    • Check website authenticity, ensure it uses “https://” and verify its domain name.

    • If using public networks, employ a VPN for secure browsing.

 

REMEMBER:

  • Always confirm the legitimacy of emails, texts, and websites before sharing personal information.

  • Update software, enable firewalls, and use reputable security tools.

  • Regularly check bank accounts for unauthorised transactions and report them immediately.

  • If a deal seems too good to be true, it likely is.

 

Security should never be sacrificed for the thrill of Cyber Monday shopping. The frenzy of the holiday shopping season is a breeding ground for cybercriminals, who use phishing and social engineering techniques to take advantage of weaknesses.

 

This Cyber Monday, stay vigilant, stay safe, and make wise decisions to outsmart cybercriminals.

 

Specialised Security Services invites the public to the Mike Bolhuis Daily Projects WhatsApp Channel.

This channel is important in delivering insights into the latest crime trends, awareness, warnings and the exposure of criminals.


How to Join the WhatsApp Channel:

1. Make sure you have the latest version of WhatsApp on your device.

2. Click on the link below to join the Mike Bolhuis Daily Projects WhatsApp Channel:

3. Follow the prompts to join the channel.

4. Make sure you click on "Follow", then click on the "bell"-icon (🔔)

 
CONTACT MR MIKE BOLHUIS FOR SAFETY AND SECURITY MEASURES, PROTECTION, OR AN INVESTIGATION IF NEEDED.

ALL INFORMATION RECEIVED WILL BE TREATED IN THE STRICTEST CONFIDENTIALITY AND EVERY IDENTITY WILL BE PROTECTED.
 

Regards,

Mike Bolhuis

Specialist Investigators into

Serious Violent, Serious Economic Crimes & Serious Cybercrimes

PSIRA Reg. 1590364/421949

Mobile: +27 82 447 6116

Fax: 086 585 4924

Follow us on Facebook to view our projects -


EXTREMELY IMPORTANT: All potential clients need to be aware that owing to the nature of our work as specialist investigators there are people who have been caught on the wrong side of the law - who are trying to discredit me - Mike Bolhuis and my organisation Specialised Security Services - to get themselves off the hook. This retaliation happens on social media and creates doubt about our integrity and ability. Doubt created on social media platforms is both unwarranted and untrue. We strongly recommend that you make up your minds concerning me and our organisation only after considering all the factual information - to the exclusion of hearsay and assumptions. Furthermore, you are welcome to address your concerns directly with me should you still be unsatisfied with your conclusions. While the internet provides a lot of valuable information, it is also a platform that distributes a lot of false information. The distribution of false information, fake news, slander and hate speech constitutes a crime that can be prosecuted by law. Your own research discretion and discernment are imperative when choosing what and what not to believe.


STANDARD RULES APPLY: Upon appointment, we require a formal mandate with detailed instructions. Please take note that should you not make use of our services – you may not under any circumstance use my name or the name of my organisation as a means to achieve whatever end.


POPI ACT 4 of 2013 South Africa: Mike Bolhuis' "Specialised Security Services" falls under Section 6 of the act. Read more here: https://mikebh.link/fntdpv

 
SSS TASK TEAM:
 
 

Copyright © 2015- PRESENT | Mike Bolhuis Specialised Security Services | All rights reserved.


Our mailing address is:

Mike Bolhuis Specialised Security Services

PO Box 15075 Lynn East

Pretoria, Gauteng 0039

South Africa

Add us to your address book


THIS PUBLIC DOCUMENT WAS INTENDED TO BE SHARED, PLEASE DO SO.

512 views0 comments

Comments


bottom of page