Kaspersky warns online shoppers of attackers



By Rose de la Cruz


Online shoppers especially are the targets of banking Trojans who victimize popular consumer brands, stealing their credentials and other information through these sites. Kaspersky Lab technologies detected 9.2 million attempted attacks by the end of the third quarter (Q3) 2018 compared to 11.2 for the whole of 2017, with detections for one malware family up by 34 percent.


Half all online shops attacked were well- known consumer apparel brands including fashion, footwear, gifts, toys and department stores. Online shoppers in the US, Italy, Germany, Russia, and emerging markets appear to be particularly at risk.  


Traditionally, banking Trojans target mostly users of online financial services, looking for financial data to steal, or building botnets out of hacked devices for future attacks. Over time, several of these banking Trojans have enhanced their functionality and reach to target the data and credentials of online shoppers and obtain root access to their devices.


The main malware families stealing from victims through e-commerce brands are Betabot, Panda, Gozi, Zeus, Chthonic, TinyNuke, Gootkit2, IcedID, and SpyEye (where detections were up by 34 percent). The Trojans target well known e-commerce brands to hunt for user credentials like login, password, card number, phone number, and more. They seize the data from victims by intercepting input data on target sites, modifying the online page content, and/or redirecting visitors to phishing pages.  


The main findings of the research report include: 50 percent of the brand names targeted by the malware families detected are established high street labels, including fashion, footwear, jewelry, gifts, toys and department stores, followed by consumer electronics brands (12%) and entertainment/gaming (12 percent).


Overall, the research found 14 malware families targeting a total of 67 consumer e-commerce sites, which include 33 consumer apparel sites, eight consumer electronics sites, eight entertainment and gaming sites, three popular telecoms sites, two online payment sites, and three online retail platforms, among others.




Of these Betabot was found to be targeting 46 different brands, including 16 different consumer apparel brands, four consumer electronics brands and eight entertainment/gaming brands; with most of those affected in Italy (14.13 percent of users affected by any malware were targeted by this threat), Germany (6.04 percent), Russia (5.5 percent) and India (4.87 percent).


Gozi was found to be targeting 36 brands, including 19 consumer apparel and three consumer electronics brands; with most of those affected in Italy (19.57 percent of users affected by any of malware), Russia (13.89 percent), Brazil (11.96 percent) and France (5.91 percent).


Over three million sets of e-commerce credentials were found up for sale on a marketplace easily accessible through the Google search engine. The highest prices are charged for what appear to be hacked merchant accounts.

“Credential-stealing banking malware is nothing new. However, the existence of families hunting for data related to online shopping accounts is perhaps more unexpected. If your computer is infected with one of the listed Trojans, then criminals can steal payment card details while you enter them on the shop’s website. After that, it is easy for a hacker to get to your money through a compromised credit card,” said Yury Namestnikov, principal security researcher, Global Research and Analysis Team, Kaspersky Lab.


“Cybercriminals could also use the stolen accounts in money laundering schemes: buying things from a website using victims’ credentials so they look like known customers and don’t trigger any anti-fraud measures, and then selling those items on again. As we come into the busiest online shopping season of the year, we urge consumers and retailers to be extra vigilant about their security, and to check and double check the integrity of websites before entering or downloading any data,” added Namestnikov.

Kaspersky Lab recommends the following steps to stay safe when shopping online:



If you are a consumer, a powerful, updated security solution is a must for all devices you use to shop online. Avoid buying anything online from websites that look potentially dangerous or which resemble an incomplete version of a trusted brand’s website.


Don’t click on unknown links in email or social media messages, even from people you know, unless you were expecting the message.

If you are an online brand or trader, use a reputable payment service and keep your online trading and payment platform software up-to-date. Every new update may contain critical patches to make the system less vulnerable to cybercriminals.


Use a tailored security solution to protect your business and customers.  


Pay attention to the personal information used by customers to buy from you. Use a fraud prevention solution that you can adjust to your company profile and the profile of your customers.


Think about how much money you wish to keep in an online payment transaction account at any one time. The greater the balance, the higher the value of that account to hackers.


Restrict the number of attempted transactions and always use two-factor authentication (Verified by Visa, MasterCard Secure Code etc.).


The research is based on data obtained with user consent and processed using the Kaspersky Security Network (KSN). All malware belonging to the banking Trojans covered in the report are detected and blocked by Kaspersky Lab security solutions.


Further information on the research and a copy of the report, Buyer beware: cyber-threats targeting e-commerce, 2018, can be found on Securelist.


Kaspersky Lab is a global cybersecurity company, which has been operating in the market for over 20 years. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into next generation security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe.


Like us in Facebook

facebook like box joomla


Latest News

NEDA Cites Need for a Stronger Planning Culture in Government

    To ensure optimum use of scarce human and financial resources, the government must have a stronger culture of planning to fully synchronize... Read More...
NEDA Calls for Innovation-led Industrial Policy

  An industrial policy propelled by innovation is needed to drive the country’s manufacturing growth amid the bleak near-term outlook of the... Read More...
Bong still unsure of Senate run

Should he stay or should he go?  This is the question that Special Assistant to the President Christopher “Bong” Go is trying to answer and... Read More...
IMAGE In the know: Solar Philippines

Solar Philippines is currently the country’s – and Southeast Asia’s – largest solar-energy company. Founded in August 2013 by Leandro... Read More...
Stupid Name Giver and Other Laughs

Stupid Name Giver Late one night, a burglar broke into a house. While he was sneaking around he heard a voice say, "Jesús is watching you."  He... Read More...
Confession Code and other laughs

Confession Code AN old priest who became sick of all the people in his parish who kept confessing to adultery said one Sunday, in the pulpit,"If I... Read More...

Photo courtesy of Top Gear Philippines Officials of motorcycle-sharing service company Angkas must be grinning all the way to the bank. After a... Read More...

MABUTI naman at tuluyan ng nagpasiya ang pamahalaan na sampahan ng karampatang kaso ang mga sangkot sa kontrobersyal na Dengvaxia anti-dengue... Read More...

Our Guests

This week1853
This month18782

Visitor Info

  • Your IP:

Who Is Online


Monday, 20 January 2020
© 2016 OpinYon News Magazine Online. All Rights Reserved.

Please publish modules in offcanvas position.