Whereas many consumers are becoming wary of phishing emails for banks, they are not expecting it from their online retailer. The phishers send out millions of emails, it doesnt matter if 99% hit people who dont have an account with that retailer, and it doesnt matter if 99% of those who do dont respond, the 1% of the 1% still make it all worthwhile.
A typical e-retailer phishing email, showing the stores logo would say:
Dear STORE account holder,
We detected irregular activity on your Account.
We require you to complete an account update to avoid account suspension.
You must verify your account information, and upon verification, we will
remove any restrictions placed on your account
To review your account as soon as possible please click on the link below,
Click here to proceed
Of course the link doesnt take you to the store. It could potentially defraud you in two ways. Firstly as would a conventional phishing email it could capture personal details that could be used to gain access to your account. But more furtively, it could send you to a look-alike web site selling fake goods that looks identical to the real brand site. You could be none the wiser till a month later the heel falls off your shoe or your jewellery goes green and when you complain to the genuine retailer you find you have bought fakes. Analysis by First Cyber Security has shown that some major brands can have in excess of 700 live fake sites at any one time.
First Cyber Security are exhibiting at IP Protect Expo on 28th &29th March at Business Design Centre, 52 Upper Street, London where they will be showing how their SOLID Authentication technology can protect the consumer from fake sites and phishing e-mails, and give businesses brand protection and real time alerts on fake sites and brand infringement.
Leave a Reply