Carmen Murillo/Getty Images
Nearly 1,500 Black Friday apps, ostensibly geared toward helping consumers navigate the busiest shopping day of the year, are actually fraudulent attempts to lift credit card and other personal information, according to a digital-threat management firm.
The firm, RiskIQ, ran keyword queries through a database of apps. The company, according to the Silicon Angle blog, sought out cases in which the brand names of five leading online retailers appeared with the term “Black Friday” in URLs known to be malicious. About 1 in 25 Black Friday apps, RiskIQ found, led consumers to one of those URLs, which can capture personal information to be misused.
Black Friday is the nickname given to the day after Thanksgiving, when retail companies tap consumer demand for the holiday season to go “into the black" — make a profit — in their annual budgets.
But the concern is by no means limited to Black Friday. When that phrase was deleted from the search, RiskIQ found more than 30,000 apps linked to URLs with malicious characteristics.
While consumers should be wary, researchers for RiskIQ said, much of the responsibility for fighting such fraud rests with the sellers.
“With online fraud, data leakage and ransomware on the rise, online retailers have ample reason to redouble their focus on how their brands are being used fraudulently,” they said.
The magazine Infosecurity projected last week about 50 million attempts throughout the world during Thanksgiving week to make purchases by fraudulent means.