Tripwire Survey: Online Shoppers Easily Duped

Share Article

Despite warnings, consumers too quick to click on malicious links that appear to come from trusted brands

News Image
Shoppers need to look beyond the facade of convincing branding to make sure they aren't being conned into clicking on a bogus link.

Tripwire, Inc., a leading global provider of advanced threat, security and compliance solutions, today announced the results of a consumer survey conducted by One Poll and Dimensional Research on holiday shopping security practices. The survey evaluated online cybersecurity awareness of 2,011 consumers from the U.S. and U.K., and revealed that more than 40 percent believe emails from “trusted brands” are safe to click, and nearly a quarter of respondents (24 percent) anticipate doing at least part of their holiday shopping while at work.

“Cybercriminals are very resourceful, and they know that the siren song of a good deal is almost always irresistible to bargain hunters,” said Dwayne Melancon, chief technology officer at Tripwire. “The number one reason to click is trust in a brand, which isn't good – I have seen some very convincing phishing emails and bogus websites that look nearly identical to the real thing. Shoppers need to look beyond the facade of convincing branding to make sure they aren't being conned into clicking on a bogus link.”

Survey findings include:

  •     Over a quarter of respondents (26 percent) believe links contained in subscription emails and newsletters are ‘safe.’
  •     23 percent believe links sent from trusted associates are safe to click.
  •     Only 28 percent of consumers believe it is never safe to click on email shopping links.
  •     24 percent plan to do at least some of their holiday shopping at work.

According to a recent survey from the National Retail Federation (NRF), 56 percent of holiday shoppers will do some of their shopping on the Internet this year, and many will be using apps, newsletters and email notifications to find the best deals. Unfortunately, cybercriminal activity spikes during the holiday season, and the initial stages of a cyberattack often use malicious links in emails, texts, newsletters and online apps. These malicious links point users to fake websites, which according to a Google study, can be so effective that they work an astonishing 45 percent of the time.

Despite multiple warnings from the FBI, Better Business Bureau and NRF, many consumers place too much trust in shopping links.

“Employees need to be award that anytime their computer is on their corporate network, even if they logged in through a VPN, they can put their organization at risk by simply visiting the wrong website or clicking the wrong link in an email,” said Ken Westin, security analyst for Tripwire. “Savvy attackers know that malicious links are effective, that’s one reason phishing attacks are so pervasive around the holidays. Employees should be particularly careful when checking personal email at work, or when clicking links in ads on social media sites.”

About Tripwire
Tripwire is a leading provider of advanced threat, security and compliance solutions that enable enterprises, service providers and government agencies to confidently detect, prevent and respond to cybersecurity threats. Tripwire solutions are based on high-fidelity asset visibility and deep endpoint intelligence combined with business-context and enable security automation through enterprise integration. Tripwire’s portfolio of enterprise-class security solutions includes configuration and policy management, file integrity monitoring, vulnerability management and log intelligence. Learn more at http://www.tripwire.com, get security news, trends and insights at http://www.tripwire.com/state-of-security/ or follow us on Twitter @TripwireInc.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Eva Hanscom
Visit website