Check Point Software Technologies Co., Ltd. Check Point Research discovers a sharp increase in fake shopping-related sites ahead of Black Friday Beware of shipping-related emails

Check Point Software Technologies, Inc.
Check Point Research Discovers Rapid Increase in Fake Shopping-Related Sites Ahead of Black Friday Beware of Shipping-Related Emails
Check Point Research, the threat intelligence division of Check Point(R) Software Technologies Ltd. (NASDAQ: CHKP), a comprehensive cybersecurity solutions provider Research (CPR) has found a surge in fake shopping sites ahead of Black Friday, the annual sale period. CPR also found that in the first 10 days of November, 17% of malicious files distributed by email were related to product ordering, delivery and shipping. Also, this month, 4% of new shopping-related sites were found to be malicious.
More than 154 million Americans shopped on Black Friday 2021, with 88 million of them reportedly shopping online < -friday-statistics Email scam pretending to be Louis Vuitton
In late October, Check Point researchers discovered a fraudulent phishing email disguised to look like it was from Louis Vuitton and sent from the webmail address psyqgcg@moonfooling[.]com. has confirmed. The subject of the email included the text, “Black Friday Sale. Starts at $100. You’ll Fall In Love With Prices.” was The body of the email entices the victim to click on two malicious links contained within the email, both of which redirect to the domain jo[.]awojlere[.]ru. was. The linked site states that the jewelry that is actually counterfeit is “for sale at a discounted price as part of a Black Friday sale.”
[Image 1

A malicious email with the subject “Black Friday Sale. Starts at $100. You’ll Fall In Love With Prices.”
Two malicious links contained within the email:
http://jo[object 4]awojlere[.]ru/return.php?p=TUsxP2pkbzh0cmFiYWpvQG9qLmdvYi5ndD80NjA4Mw%3D%3D” Famous fashion brand Louis Vuitton has also been targeted by several other fake sites. Four domains with similar formats were registered in early October
“” / “” / “” / “” All of these websites were disguised as legitimate Louis Vuitton sites, with links spread in emails with subject lines such as: “[black Friday sale] Louis Vuitton bags up to _% off! Shop online now!” Incidents related to these domains have increased over the past month, reaching nearly 15,000 in the week of November 7th.

[Image 2

Weekly Incidents of Fake Sites Containing “%%off-bags” Domains Phishing scams related to shipping and delivery
Not only are cybercriminals piggybacking on the buying process during peak shopping seasons, but they are also exploiting the process of delivering discounted goods. In the first 10 days of November, 17% of malicious files spread by email were found to be related to product ordering, delivery and shipping.
One example is a phishing email campaign impersonating the shipping company DHL. Sent from the webmail address
“support@consultingmanagementprofessionals[.]com”, the email is disguised as coming from the “SHIPMENT TRACKING” source (see Figure 1).
The email contains a malicious URL
https://lutufedo[object 8]000webhostapp[.]com/key[.]php” and requires payment of €1.99 via the link to complete the delivery. It is written. The aim is to steal the victim’s credentials (see Figure 2). [Image 3

Figure 1: Malicious subject “[reminder] Your package JJD01558535 is waiting for delivery. 851870943821843353”
[Image 4

Figure 2: Malicious URL “https://lutufedo[.]000webhostapp[.]com/key[.]php” Avoid Scams and Enjoy Threat-Free Shopping in November
Cybercriminals are taking full advantage of the holiday season for consumers. Here are six things you can do to stay safe on Black Friday this year.
Always buy from trusted and genuine sellers: Before confirming a purchase, it is necessary to check if the site you are using is official. Instead of following links sent to you via email or text message, you have to search for merchants from your browser, find promotions yourself, and access them directly.
Watch out for domain names that look alike: Many fraudulent sites use domain names that look similar to the brand they’re trying to impersonate, but with extra characters or misspellings. increase. It’s important to watch the URL carefully.
Beware of “excessive deals”: ​​Phishers often offer outrageously good discounts on popular products. Check if other websites offer similar discounts and make sure the seller is genuine.
Check the padlock mark: By checking whether the beginning of the URL starts with “https”, it indicates that the site meets international security standards, and a padlock mark is usually displayed before the URL. I’m here. If there are no such signs, the site is unreliable and should be avoided.
Use endpoint security: Fraudulent emails rise during the popular shopping season, while phishing emails are sent by cybercriminals year-round. Therefore, everyone should consider implementing an email security solution to prevent phishing emails from entering their inboxes in the first place.
Beware of password reset emails: If you receive an email to reset your password, do not click any links and always go directly to the website to change your password.
The statistics and data used in this report are detected by Check Point Threat Prevention Technology < This press release is based on the blog


Leave a Reply

Your email address will not be published.

%d bloggers like this: