• by Ray Schultz , Columnist, November 8, 2017

Many otherwise smart consumers will fall for email phishing scams this Black Friday and Cyber Monday. And the most victimized brands will be Amazon, Walmart and Target, judging by a new study by DomainTools.

Most consumers are aware of the phishing threat, but some have clicked through to a scam email anyway, the study reports. The impact could be huge during the holidays, given the sheer number of people going online. 

DomainTools surveyed 1,000 individuals in the U.S. and 1,000 in the UK. It found that 39% of the Americans and 20% of the British shoppers have clicked on a malicious shopping link, thinking it was from a trusted brand. 

And 13% in U.S. have done so more than once, versus 53% in the UK. Four out of ten U.S. respondents were unsure.

Yet both populations know that such risks exist — 92% in the U.S. and 91% in the UK. This shows how easily even an alert person can be conned.

And these click-through errors have led to some serious consequences.  Of the U.S. consumers who fell for a phishing scam, 21% had their computers infected with a virus and 6% had their credit card information stolen.

In addition 5% bought a false product and 5% lost money. But 63% were not sure or preferred not to say. 

Of the UK phishing victims, 24% received a virus, 10% had credit card information stolen and 9% bought a false product. Twenty-three percent of the Americans and 13% of the British consumers had banking or credit/card information stolen and used in an online purchase.

Of the U.S. consumers polled, 92% shop online regularly, and 49% half are planning to shop on Cyber Monday.

That event is not as popular in the UK — only 29% are planning to shop on then. But 80% shop online at least once a month.

The study shows that 31% of UK buyers shop weekly, an 4% daily. In addition, 24% do so fortnightly.

The brands most likely to be targeted for scams in the U.S. — based on their sheer popularity — are Amazon (82%) Walmart (36%) and Target in the U.S. (20%). In the UK, the target list includes Amazon (88%), Argos (46%) and Tesco (35%) 

Respondents have clicked through to phone domains pretending to be Amazon, Target and Walmart, the study continues.

As DomainTools puts it, “phishing scams occur when hackers send emails or set up websites that look like trusted brands, but are actually spoofed sites created with the goal of trying to trick shoppers into sharing personal information or buying fake products. 

DomainTools describes itself as a threat intelligence company.