Black Friday Becomes Black Hat Day Amid Rising Cybersecurity Concerns, Warns UK Expert

As Black Friday approaches, UK cybersecurity experts urge consumers to remain vigilant against a surge of online scams dubbed “Black Hat Day,” warning that shopping frenzies create ripe opportunities for cybercriminals.

Short Summary:

• The UK’s National Cyber Security Centre (NCSC) reports a significant rise in online fraud during the holiday shopping period.
• Experts emphasize the need for additional security measures and heightened consumer awareness.
• The use of artificial intelligence by scammers complicates detection, posing further risks during shopping events.

The anticipated shopping extravaganza of Black Friday has taken on a more ominous tone this year, with experts labeling it “Black Hat Day” due to severe cybersecurity concerns. The UK’s National Cyber Security Centre (NCSC) raised alarms after revealing that online criminals siphoned off over £11.5 million from hapless shoppers during last year’s sales event, marking an increase of nearly £1 million compared to 2021. This rising trend underscores an urgent need for consumer vigilance as e-commerce platforms prepare for this year’s holiday shopping season.

As consumers flock online to snag their favourite deals, industry authorities and experts are reiterating their warnings about potential fraud. NCSC Chief Richard Horne recommends that shoppers adopt two-step verification on vital accounts. This measure is crucial, especially when passwords alone may not provide adequate protection against the increasingly sophisticated tactics used by cybercriminals. “Unfortunately, this is also prime time for cyber criminals, who exploit bargain hunters with increasingly sophisticated scams – sometimes crafted using AI – making them harder to detect,” Horne noted.

“To stay protected, I strongly recommend following our online shopping guidance, including setting up 2-step verification and creating memorable but secure passwords using three random words,” Horne added.

Fraud Minister Lord Hanson echoed the need for increased public awareness amid this bustling season, stating: “We know that more needs to be done to tackle online fraud. Our message is straightforward: if you come across anything that doesn’t feel right—stop what you’re doing, break contact, and do not click any links.” The government’s commitment to combating online fraud is evident through initiatives such as the Stop! Think Fraud campaign, which aims to equip the public with practical information to fend off scams.

Statistics from Action Fraud demonstrate a concerning trend: nearly 43% of fraud reports last year involved social media platforms, indicating significant risks for consumers who purchase through these channels. Furthermore, those aged between 30-39 submitted the highest number of fraud reports, followed by those aged 40-49—highlighting that no demographic is immune to these online threats.

“Everyone will be looking to snap up good Black Friday deals,” warned Adam Mercer, Deputy Head of Action Fraud. “But unfortunately, this doesn’t stop fraudsters from targeting the public online…A false sense of urgency is a tell-tale sign of a fraudster.” Mercer advised consumers to use credit cards instead of bank transfers for added protection, if possible.

The concerning statistics reveal more than 16,000 reports of online shopping fraud were recorded last festive period, showcasing a glaring need for consumers to prioritize safety while shopping. Individuals are advised to thoroughly vet sellers and avoid random links that can lead to scamming attempts.

Moreover, the NCSC reports that artificial intelligence has emerged as a powerful tool in the arsenal of cybercriminals, enabling them to conduct more advanced scams that can deceive even the most cautious of consumers. “AI-driven phishing attacks have become alarmingly sophisticated,” cautioned Felicity Oswald, NCSC Chief Operating Officer, adding that shoppers should adhere to the agency’s online shopping guidelines to mitigate risks during this season.

“As we enter the Black Friday and festive shopping period, online shoppers will naturally be on the lookout for bargain buys… cyber criminals view this time of year as an opportunity to scam people out of their hard-earned cash,” Oswald stated.

The chaotic nature of Black Friday shopping makes it a prime target for fraudsters, leading retailers and consumers alike into a precarious situation. Many shoppers unknowingly succumb to scams featuring fake websites and alluring social media ads that promise steep discounts. Unfortunately, the nature of these scams often involves the creation of a sense of urgency through limited-time offers which drive consumers to make hasty purchases.

Mariana Pereira, Vice President of Cyber Innovation at Darktrace, elaborated on this tactic in her blog post: “Phishing emails that target personal email accounts often using looser email security measures can lead to data breaches when employees make hasty decisions driven by the excitement of holiday shopping.” As remote and hybrid work environments persist, the interconnectedness of personal and professional digital realms might render companies vulnerable, as hackers discover new ways to infiltrate organizations through careless online shopping habits.

Experts warn that as e-commerce activity escalates with the arrival of Black Friday, the odds of encounters with various forms of cyber threats grow significantly. As reported by Spin.ai, a staggering 72% of organizations fell victim to at least one ransomware attack in 2023, with attackers reportedly collecting over $1 billion—almost double the year prior. This unattractive trend highlights the pressing need for both consumers and businesses to elevate their cybersecurity measures, especially during peak shopping periods.

“There is a need to be extra vigilant because all kinds of cyber attacks increase during the extended period of Black Friday and Cyber Monday,” warns David Trossell, CEO and CTO of Bridgeworks.

Preventative measures are necessary not just for individuals but for organizations, particularly during peak shopping times. Trossell advises organizations to implement training sessions for employees to refine their awareness of potential phishing attempts. “We must thoroughly educate customers and train staff to avoid clicking on links that could launch an attack,” he explained.

Furthermore, strategies such as proper data management and backup routines can alleviate the potential fallout of cyberattacks. Trossell urges organizations to consider air-gapping the most sensitive data and investing in a comprehensive backup system to ensure operational continuity. Ensuring that critical data remains secure can avert dire consequences during these festive shopping events.

Retailers must also acknowledge the rising threat of cybercriminals keen to exploit seasonal shopping events. Enhanced cybersecurity solutions, like WAN Acceleration technologies, can bolster protection for e-commerce sites by utilizing AI and machine learning to promptly respond to threats before they escalate.

Amid the whirlwind of deals and discounts, shoppers are advised to be aware of the digital landscape’s inherent dangers. With the arrival of Black Friday 2023, consumers must stay alert and employ preventive measures to mitigate online risks while pursuing their holiday shopping. “While many opportunities lie within Black Friday, ensuring you don’t fall prey to scams is crucial for a successful shopping experience,” Trossell concluded.

As we anticipate this year’s Black Friday, it’s essential to stay vigilant and aware, balancing the excitement of saving with the reality of an ever-evolving digital threat landscape. By following the recommendations laid out by the NCSC and other cybersecurity professionals, consumers can enjoy a safer shopping experience while keeping the cybercriminals at bay.