Scammers are getting ready for the holiday season with Black Friday and Cyber Monday coming up in the next week, and Christmas shopping starting in earnest. And there are websites and social media accounts hoping to take advantage of internet users and holiday shoppers that are seeking a bargain, or just looking for their desired products online. And research by ZeroFOX has found online shopping and electronics are the number one targets for suspicious domain names.

Research by ZeroFOX, a provider of social media and digital protection solutions, found brick and mortar retailers dominate scams on social and digital platforms, but online shopping and electronics are the number one targets for suspicious domain names. ZeroFOX Alpha Team found 124,000 domains that contain the brand name out of the list of 26 selected for a report they published this week. The team filtered the 124,000 domains by Certificate Issuer for legitimate domains and found that Apple, Amazon and Target are the top impersonated domains within the bunch.

ZeroFOX found many of these domains contain keywords that indicate it could be used for phishing or abuse. This is generally combined with a call to action, especially with phishing attacks, to trick the user that they must login or verify their account to continue.

Since these domains were retrieved from the certificate transparency log, ZeroFOX found their probability of serving content is higher than a registered or parked domain since generating a TLS certificate is an additional step when setting up attack infrastructure.

In New Zealand, InternetNZ has launched a #ShopSafeNZ campaign that they’re hoping will raise awareness about safer online shopping experiences for Kiwis. They’ll be campaigning in the lead up to the holiday season and retail sales from 25 November – 1 January 2020 writes Domain Name Commissioner Brent Carey in a post on the InternetNZ website and republished here.

For InternetNZ, “keeping .nz trusted, safe and secure is our priority” writes Carey. “It’s crucial for small businesses that have a .nz domain name and everyday New Zealanders who choose to shop online.”

ThreatPost has a Black Friday podcast they’ve published where they interview Ashlee Benge, threat researcher at ZeroFOX, which is available to listen to, download or read a lightly edited transcript from https://threatpost.com/black-friday-shoppers-scams-fake-domains/150593/