Online phishing sites skyrocket in number during past year

Fake retail websites can harvest your personal information and credit card numbers, warns a new report.

Marrian Zhou Staff Reporter

Marrian Zhou is a Beijing-born Californian living in New York City. She joined CNET as a staff reporter upon graduation from Columbia Journalism School. When Marrian is not reporting, she is probably binge watching, playing saxophone or eating hot pot.

See full bio

Marrian Zhou

Oct. 25, 2018 12:24 p.m. PT

Be suspicious of deals and offers that seem to good to be true.
Christian Ohde/Getty Images

Be careful, online shoppers.

The number of fake retail websites designed to phish for customer information is on the rise, according to a joint report published Wednesday by e-commerce fraud prevention company Riskified and cyber intelligence company IntSights.

Analyzing data from the third quarter of last year to Q3 2018, Riskified and IntSights found a 297 percent increase in retail phishing sites. These phishing sites are meant to look like legitimate retailers, but they actually steal information like your contact information and credit card number, according to the report.

"Retailers are increasingly focused on driving sales through a variety of online channels -- Facebook, SMS messaging, Instagram, Twitter and more -- all of which provide an ideal opportunity for fraudsters to lure in new victims through phishing attacks as it is the most common way to obtain stolen credit card numbers," said Guy Nizan, CEO of IntSights, in a release.

To avoid phishing scams, consider sticking to trusted sites and online retailers you're familiar with. Also be suspicious of to-go-to-be-true offers, warns the report.

Besides fake websites, phishing attempts can also be made to look like emails coming from legit websites, such as PayPal and FedEx. Here's a few things you can do to spot phishing emails.