Darktrace Reports 692% Surge in Black Friday Cyber Scams

Share
Darktrace identified an unprecedented rise in retail-focused cyber attacks during the 2024 holiday shopping season
AI cybersecurity firm Darktrace reveals increase in brand impersonation attacks targeting retailers, with holiday-themed phishing attacks rising 327%

The retail sector faces mounting pressure from cyber criminals during the holiday shopping season, as attackers exploit the surge in online transactions and promotional communications to target both retailers and consumers. This trend has intensified in 2024, with cyber criminals developing increasingly sophisticated methods to impersonate trusted retail brands and exploit seasonal shopping patterns.

These attacks come at a time when global e-commerce sales continue to rise, creating opportunities for cyber criminals to exploit the high volume of digital transactions and promotional communications. Retailers must balance the need to engage with customers through email marketing campaigns while protecting them from fraudulent communications that could compromise their personal and financial data.

Youtube Placeholder

Against this backdrop, cybersecurity AI firm Darktrace has identified an unprecedented rise in retail-focused cyber attacks during the 2024 holiday shopping season, with Black Friday-themed phishing attacks increasing by 692% compared to early November.

Darktrace analysis shows US retailers face heightened risk

The company’s threat intelligence analysis revealed that US retailers faced specific targeting, with phishing attacks – emails designed to deceive recipients into revealing sensitive information – mimicking major retail brands increasing by more than 2,000% during peak shopping periods. These attacks specifically targeted customers of Walmart, Target and Best Buy.

Key facts
  • Phishing attacks mimicking major US retail brands increased by more than 2,000% during peak shopping periods
  • Christmas-themed phishing attacks rose 327% globally during Black Friday week
  • Brand impersonation of consumer brands grew 92% while workplace-focused brand exploitation fell 9%

The shift in attacker behaviour shows a clear pivot from business-focused to consumer-oriented campaigns, with impersonation of consumer brands rising 92% globally whilst workplace-focused brand exploitation decreased by 9%.

Multi-stage attacks target Darktrace customers during peak trading

Darktrace’s research identified sophisticated multi-stage attacks targeting shoppers. These attacks begin with brand impersonation emails containing malicious links that download malware – software designed to damage or gain unauthorised access to computer systems. The attacks then direct victims to fraudulent websites that replicate legitimate retail platforms to capture login credentials and payment information.

Nathaniel Jones, VP of Threat Research at Darktrace

“The festive shopping season creates a perfect storm for cyber criminals,” says Nathaniel Jones, VP of Threat Research at Darktrace. “Consumers are primed to expect floods of retail deals, while retailers are processing tremendous transaction volumes at speed. This combination makes spotting suspicious patterns more challenging than at any other part of the year.”

Retailers implement enhanced security measures for holiday season

The analysis highlights how major retailers have implemented additional security measures for the holiday period. However, brand impersonation attacks occur outside retailers' infrastructure and security controls, making them challenging to detect and prevent at scale. The research indicates that retailers are increasingly turning to AI systems to identify and block fraudulent communications that human analysts might miss.

Technologies like AI cybersecurity, that spot spoofs and attacks that humans wouldn't, are catching and stopping more of these attacks than ever before

Nathaniel Jones, VP of Threat Research, Darktrace

During the period from 25th to 29th November 2024, Christmas-themed phishing attacks increased by 327% worldwide. This surge coincided with the peak shopping period, when consumers are most likely to engage with retail communications and promotional offers.

Technical measures required to combat holiday season threats

Darktrace, founded in 2013 and now protecting nearly 10,000 customers globally, emphasises the importance of Domain-based Message Authentication, Reporting and Conformance (DMARC) – an email authentication protocol that prevents unauthorised use of company domains in phishing attempts.

The company’s analysis indicates that implementing multi-factor verification across business systems provides critical protection during high-volume retail periods. This security measure ensures that even if passwords are compromised, unauthorised users cannot access retail accounts to target customers.

The research also reveals the value of monitoring brand impersonation through automated tools and official domain registrations, enabling rapid response to fraudulent websites and copycat domains.

Nathaniel adds: “Bad actors taking advantage of that with brand impersonation is nothing new, but the rapidly growing volume of those attacks makes them a real worry. Both consumers and brands need to be increasingly alert to potential scams, but we can all take heart that big name retailers have some of the most sophisticated protections possible to help safeguard their customers, and technologies like AI cybersecurity, that spot spoofs and attacks that humans wouldn't, are catching and stopping more of these attacks than ever before.”


Explore the latest edition of Cyber Magazine and be part of the conversation at our global conference series, Tech & AI LIVE and Cyber LIVE.

Discover all our upcoming events and secure your tickets today. 


Cyber Magazine is a BizClik brand

Share

Featured Articles

Apple's Siri: How The Most Private AI Assistant Works

After a lawsuit, Apple is eager to prioritise privacy in Siri through its on-device processing, minimal data collection and advanced security protection

How The UK’s AI Plan Will Impact The Cybersecurity Sector

The UK’s £14bn AI investment requires enhanced cybersecurity measures as Kyndryl and Vantage Data Centres prepare for infrastructure expansion

Darktrace to Acquire Cado Security in Cloud Defence Push

AI cybersecurity firm Darktrace expands its cloud investigation capabilities through purchase of Cado Security, following recent acquisition by Thoma Bravo

Sophos MDR Reports 37% Customer Growth in Cybersecurity Push

Cyber Security

Netskope Data Shows Phishing Success Rate Tripled in 2024

Cyber Security

CrowdStrike Field CTO Warns of Identity-Based Attacks Shift

Cyber Security