You may be targeting Black Friday bargains, but cybercriminals are targeting you

Credit: ID 99789056 © Guernica |

The Black Friday-to-Cyber Monday long weekend may have become a lead indicator for the Christmas holiday shopping season, but security firms are warning shoppers to be careful online as cybercriminals increase their activity in the runup to what is expected to be a $52.7b retail season.

Black Friday has become Australia’s third biggest sales period and Cyber Monday its sixth, according to recent figures from PayPal, and retailers from eBay and Amazon to Kmart and Westfield shopping centres jumping onboard.

With ever-better offers flying thick and fast via email, security firm Proofpoint has warned shoppers need to be particularly wary of online scams and malware propagated through emails spoofing legitimate retailers.

Despite efforts by the Australian Signals Directorate to promote the use of next-generation DMARC email anti-fraud tools, Proofpoint research suggests that just 45 percent of Australia’s biggest online retailers have actually begun implementing DMARC – and just 10 percent have adopted the strictest level of security.

“Online retailers may be unknowingly exposing themselves and their customers to cybercriminals on the hunt for personal and financial data,” Proofpoint Australia country manager Crispin Kerr warned.

“We anticipate cybercriminals will work to exploit the urgency associated with flash sales by using subject lines prompting users to click in haste and will likely try to use stolen branding and spoofed domains to convince shoppers that an email is legitimate.”

The Australian Competition & Consumer Commission (ACCC) took the opportunity to remind Black Friday shoppers about the risk of scams – which are likely to surge as cybercriminals leverage the names of online and offline retailers.