FAYETTEVILLE, Ark. (KNWA/KFTA) — According to a report from Check Point Research (CPR), a record-breaking amount of malicious websites related to online shopping have been discovered in the run-up to Black Friday and Cyber Monday.

Over 5,300 malicious websites are spotted per week on average by CPR, marking the highest number since the beginning of 2021.

According to the report, there has been a 178% increase in malicious websites related to e-shopping in the past six weeks, compared to the average in 2021.

We track the number of malicious websites related to online shopping almost every year ahead of the November e-Shopping holidays. This year’s numbers have broken our records. Hackers are doubling down on the strategy to lure consumers into fraud through ‘too good to be true’ offers, promising large discounts such as 80% or 85% off. Their strategy is to capitalize on a consumer’s excitement after showing an eye-popping discount. You can protect yourself by being attentive to lookalike domains, shopping from reliable sources and spotting password reset and other account related notifications that show excessive urgency. Do not click these links, and if needed, go directly to the website and change details from your account

Omer Dembinsky, Data Group Manager at Check Point Software

CPR also offers the following security tips for online shoppers:

  • Always shop from an authentic reliable source. Do not click on promotional links you get over email or over social media. Pro-actively google search your desired retail or brand.
  • Be attentive for look-alike domains. You should notice spelling accuracy in emails or websites, and note unfamiliar email senders or peculiar email addresses you receive promotions from.
  • Too good to happen shopping offers are indeed too good to happen. A new iPad will NOT go on an 80% discount this season.
  • Always look for the lock. Making an online transaction from a website that does not have secure sockets layer (SSL) encryption installed is an absolute NO-GO. To know if the site has SSL, look for the “S” in HTTPS, instead of HTTP. An icon of a locked padlock will appear, typically to the left of the URL in the address bar or the status bar down below. No lock is a major red flag.
  • Always be attentive to password reset emails, especially when volumes of traffic online are at peak, like the November shopping season, If you receive an uninvited password reset email, always visit the website directly (don’t click on embedded links) and change your password to something different on the original site.