Check Point Research (CPR) observes an escalation of malicious activity targeting Valentine's consumer consumers.
In January, CPR recorded a 152% increase in domain registrations on the subject Valentine's Day, with 6% considered malicious and 55% of these domains classified as suspicious.
• One of 371 malicious e-mails detected by CPR is related to Valentine's Day.
CPR plots the number of newly registered domains per month for the last three years
• CPR shares five tips security for Valentine's Day consumers
Check Point Research (CPR) is finding an increase in malicious activity targeting shoppers wishing to buy Valentine's gifts. In January, CPR recorded a 152% increase in domain registrations for Valentine's Day, compared to December. Of these domains, 6 %% were considered malicious by CPR and 55% suspected. In all, one of the 371 malicious e-mails recently detected by CPR was on Valentine's Day.
Registering themed, fake domains is a tactic used by cybercriminals to exploit a specific event in order to lure victims into the trap of revealing personal information.
Comparison by years
CPR has shown below the number of newly registered domains per month over the last three years. This year, the growth of the newly registered sectors jumped by three digits, similar to 2021 and 2020.
Example: Forgery of "The Million Roses"
Η CPR βρήκε ένα παράδειγμα απάτης phishing που στοχεύει αγοραστές για την Ημέρα του Αγίου Βαλεντίνου. Το κακόβουλο μήνυμα ηλεκτρονικού “ψαρέματος” χρησιμοποιούσε την επωνυμία “The Millions Roses” για να παρασύρει τα θύματα σε αγορά δώρων για την Ημέρα του Αγίου Βαλεντίνου. Στο ακόλουθο παράδειγμα, το μήνυμα ηλεκτρονικού ταχυδρομείου – απάτη (βλ. παρακάτω εικόνα) εστάλη από μια πλαστή διεύθυνση και ανέφερε μια διεύθυνση εταιρείας που ήταν διαφορετική από τη νόμιμη μάρκα “The Million Roses”. Το θέμα του μηνύματος ήταν “Δώστε στον Βαλεντίνο σας ένα αξέχαστο gift for Valentine's Day".
This is a sign that the email is coming from a dubious source and the site is fake. Anyone who clicked on the email link would be redirected to a malicious, currently inactive link trying to emulate The Million Roses.
From: The Million Roses® (w0XzqB8i96 @ tren-jPBDfGZ [.] Com)
Subject: Give your Valentine an unforgettable gift for Valentine's Day.
Comment by Omer Dembinsky, Data Group Manager at Check Point Software:
"Cybercriminals are increasingly chasing consumers who intend to buy gifts on Valentine's Day this year. We saw an impressive 152% increase in domain name registrations on this day in January, where a large portion of them are either malicious or suspicious. Cybercriminals seek to exploit the moment. Their goal is to trick buyers into making "purchases" on their sites, but in reality it is a bait to steal personal information, which could lead to a lot of problems for the victims.
Credit card fraud cards and theft of personal identity are potential examples of what cybercriminals are capable of. To avoid these pitfalls, I strongly urge Valentine's Day consumers to be suspicious of password reset emails, watch out for too-good-to-be-true offers, and look for spelling and grammatical errors. Any of these or a combination of them are red flags and should be warning signs that they are facing a trap set by a cybercriminal.”
Safety tips for consumers on Valentine's Day this year
• ALWAYS be skeptical of password reset emails: Attackers can persuade you to enter your account credentials and send them to them. If you receive an unwanted password reset email, always visit the site directly (do not click embedded links) and change your password on this and any other site with the same password
• NEVER, NEVER share your credentials: Theft of credentials is a common target of cyber attacks. Many people reuse the same usernames and passwords on many different accounts, so stealing credentials for a single account is likely to give an attacker access to others.
• BEWARE of the very good ones to be true market offers, as they are really very good and not true: An 80% discount on a new iPhone or jewelry is usually not a reliable purchase opportunity.
• ALWAYS make sure you order online from an authentic source: Click on promotional links in emails, but do a Google search for the retailer you want and click the link on the Google results page.
• Look for language errors: Spelling and grammar errors are another sign of "phishing" emails. Most companies use spelling checkers, so these typos should raise suspicions because the email may not come from the supposed source.
