By Vivek Srivastava, Country Manager, India & SAARC, Fortine
Be knowledgeable and cyber aware to enjoy and ensure a safe online experience
Safer Internet Day 2025 is based around the theme ‘Too good to be true? Protecting yourself and others from scams online‘. It is important to understand threat actors readiness to keep yourself safe while shopping or transacting online. Fortinet’s Threat Intelligence Report highlights how cybercriminals are leveraging Remote Code Execution (RCE) exploits, Man-in-the-Middle (MITM) phishing kits, sniffers, and website cloning services to manipulate online transactions and gain access to steal sensitive data. It uncovers the dangers posed by the proliferation of holiday-themed deceptive domains and compromised e- commerce sites, emphasizing the critical risks to both shoppers and businesses during high-traffic online shopping.
The Darknet provides threat actors with a wide range of opportunities, enabling them to carry out various types of attacks. It provides insights into what datasets are available to threat actors on the Darknet that are being traded or leveraged for malicious purposes. Threat actors with limited knowledge or skills can also leverage services designed to deceive users and steal sensitive information. The threat surface also includes deceptive domains registered and e-commerce platforms that could be at a high risk during the online shopping season.
Available Resources on the Darknet:
- Datasets: Gift cards, credit/debit card information, POS/payment gateway database, user credentials, and database/admin access to e-commerce sites are widely available for sale
- Phishing and Spam Services: Inbox spam services, phishing kits, and SMS spam tools are used to deceive shoppers with fake offers and promotions.
- Website Cloning: The creation of malicious replicas of trusted websites enables threat actors to steal sensitive user information.
- Trafficker Services: Threat actors leverage these services to drive traffic to fake or malicious websites
.
- Drop Services: Sniffing tools are deployed on compromised sites to intercept and steal sensitive customer information like credit card details, login credentials, and transaction data. Threat actors have also developed brute-forcing tools designed to target e-commerce platforms.
- Tools: Sniffing tools developed are deployed on compromised sites to intercept and steal sensitive customer information like credit card details, login credentials, and transaction data. Also, Threat Actors have developed Bruteforcing tools that are designed to target E- commerce platforms.
- Prompt Engineering: Threat actors leverage AI models and prompt engineering to craft highly convincing phishing emails. These emails mimic the tone, branding, and writing style of legitimate organizations, such as banks or retailers, making them almost indistinguishable from genuine communications.
Key challenges include the proliferation of holiday-themed deceptive domains, compromised e-commerce databases, and the sale of tools like phishing kits and sniffers that enable large-scale fraud. These threats underscore the need for both consumers and businesses to remain vigilant and adopt robust security practices.
Recommendations for Users:
- Verify URLs: Always double-check the website address before entering sensitive information. Look for typos or unusual domains.
- Use Secure Payment Methods: Avoid direct bank transfers. Use credit cards or trusted payment gateways with fraud protection.
- Be Cautious with Offers: Avoid clicking on suspicious links in emails or SMS, even if they appear to come from legitimate sources. To add an extra layer of security, enable multi-factor authentication (MFA) and use it on all accounts.
- Monitor Financial Activity: Regularly check your bank and credit card statements for unauthorized transactions.
- Avoid Public Wi-Fi: When shopping online, use secure and private networks to reduce the risk of session hijacking.
Recommendations for Businesses:
- Strengthen Security Posture: Keep all e-commerce platforms and plugins updated. Regularly scan for vulnerabilities and apply patches promptly.
- Implement Advanced Fraud Detection: Deploy tools that detect unusual login attempts, brute-force attempts, and fake traffic.
- Monitor Domain Registrations: Keep track of deceptive domains impersonating your brand and report them to the relevant authorities.
- Educate Customers: Inform shoppers about identifying phishing attempts and ensuring safe online shopping.
- Secure Admin Panels: Use strong passwords and limit access to critical systems. Regularly monitor login attempts for suspicious activity.
Vivek Srivastava, Country Manager, India & SAARC, Fortinet, says “As digitalization accelerates and online activity surges, so do cyber risks, with cybercriminals deploying increasingly sophisticated tactics—from phishing and deepfakes to exploiting e-commerce vulnerabilities. Safer Internet Day serves as a reminder that security is a shared responsibility. Consumers must stay vigilant, while businesses must prioritize proactive security measures like regular vulnerability assessments, timely software updates, and customer education. By fostering collaboration between security providers, businesses, and individuals, and embracing best practices, we can build a safer, more resilient digital world for everyone.”
