During last year’s festive period, over £11.5 million was lost to online shopping scams in the U.K., with Black Friday serving as a prime target, according to a new report by the National Cyber Security Centre. This marks at least a £1.1 million increase over 2022.
Britain’s cyber chief, Richard Horne, says that AI is partly to blame.
“As we head into the holiday shopping season, people are understandably eager to find the best deals online,” the NCSC’s CEO said in a press release.
“Unfortunately, this is also prime time for cyber criminals, who exploit bargain hunters with increasingly sophisticated scams – sometimes crafted using AI – making them harder to detect.”
More than 16,000 reports of online shopping were made to Action Fraud between November 2023 and January 2024, with each victim losing an average of £695. Social media sites and online marketplaces are the most common platforms used to launch scams, as cited in 43% and 18.9% of reports, respectively.
According to Hargreaves Lansdown, average spending over Christmas is predicted to be £42 more per person than last year. Telecoms provider Three found that reports of scam messages surged threefold during the month of Black Friday and fivefold during December, as attackers look to take advantage of this season of high spending.
High-end tech products, as well as clothing and cars, are among the most common products that cybercriminals use for their scams, meaning corporate buyers should also stay alert.
SEE: The 4 Best Ecommerce Payment Solutions for 2024
Jake Moore, global cybersecurity advisor at ESET, told TechRepublic in an email: “Fraudulent Black Friday deals can land in a variety of ways from traditional targeted phishing emails to adverts found in webpages.
“Furthermore, interesting bargains advertising on social media are often not vetted to the same high standard people may assume, plus they can look convincing enough for people to part with their cash in a matter of moments.”
He added that a shopper is less likely to verify deals shared by friends in messaging apps and group chat, and these could even originate from a compromised account. It’s also not just elderly people who get caught by these scams, a common misconception, as the average age of victims was found to be 42, according to the NCSC.
Global retail sites experienced an average of 569,884 AI-driven attacks each day from April to September, according to Imperva Threat Research. The researchers said that tools such as ChatGPT, Claude, and Gemini and special bots that scrape websites for LLM training data are being used to conduct attacks.
SEE: AI-Assisted Attacks Top Cyber Threat for Third Consecutive Quarter, Gartner Finds
Attack types include distributed denial-of-service attacks, where an e-commerce website’s resources are intentionally overwhelmed to cause downtime. Business logic abuse was the most common, where legitimate website applications or APIs were exploited to manipulate prices, abuse discount codes, or gain unauthorised access.
Cyber criminals are increasingly leveraging AI for scams of all types as it becomes more widely accessible, but especially for online shopping fraud. Moore said that the technology limits how quickly bad actors can launch scams and eliminates some tell-tale signs indicating that online content isn’t legitimate.
“Rarely will a scam go out with an old-fashioned spelling or grammatical error,” he told TechRepublic.
Locals living in one of the most miserable towns in Britain have blasted their council for turning it into a 'shambles'.Residents in Barking and Dagenham compar
Florence Pugh enjoyed a spot of Christmas shopping with her new boyfriend Finn Cole in London on Wednesday, as the couple were spotted together for the first ti
Jennifer Lopez was out and about enjoying some holiday shopping with her family on Saturday, gearing up for her first Christmas single and sans ex-husband Ben A
A new analysis has starkly illustrated the way Labour’s proposed “grocery tax” could hit hard-pressed Britons in the pocket, adding up to £56 annually to