Cyber Monday Spending Surge Driven By AI, Online Shopping, And Extended Sales - 1

Image by Freepik

Cyber Monday Spending Surge Driven By AI, Online Shopping, And Extended Sales

  • Written by Kiara Fabbri Former Tech News Writer
  • Fact-Checked by Justyn Newman Former Lead Cybersecurity Editor

Cyber Monday sets record $13.2B in sales, driven by AI, extended deals, and shifting consumer habits toward e-commerce and experiences.

In a Rush? Here are the Quick Facts!

  • U.S. consumers expected to spend $13.2 billion on Cyber Monday, a 6.1% increase.
  • Major retailers like Amazon, Walmart, and Target have extended Cyber Monday sales.
  • AI tools boost e-commerce by enhancing personalization, pricing, and customer service.

U.S. consumers are poised to set a new record for online spending on Cyber Monday, the crown jewel of the post-Thanksgiving shopping season, as reported by ABC News .

Industry analysts project that shoppers will spend an unprecedented $13.2 billion today, marking a 6.1% increase from last year, according to Adobe Analytics, says ABC News.

ABC News notes that Walmart, for instance, opened early access for its members before extending deals to all customers Sunday evening.

Cyber Monday caps off the five-day shopping spree known as “Cyber Week,” which kicks off on Thanksgiving Day. Preliminary data indicates robust spending throughout the weekend, reports ABC News.

Experts also note a growing preference for experience-driven purchases alongside traditional gift categories like toys, electronics, and beauty products, as noted by ABC News. Meanwhile, foot traffic in brick-and-mortar stores continues to decline.

Sensormatic Solutions reports an 8.2% drop in Black Friday store visits compared to 2023, reflecting a shift toward online shopping convenience, says ABC News. Extended promotional periods may have further diluted in-store crowds.

An analysis by Conversion Capital says that AI is at the base of this boost in e-commerce during Black Friday and Cyber Monday, enhancing the shopping experience, increasing sales, and streamlining operations.

AI-powered tools optimize every stage of the customer journey, from personalized marketing to dynamic pricing, virtual try-ons, and advanced search capabilities, says Conversion Capital.

Retailers also rely on AI-driven chatbots to provide round-the-clock customer support, enhancing satisfaction and cutting operational costs. Fraud detection systems powered by AI protect digital transactions, mitigating risks in an era of increasing online payment fraud, says Conversion Capital.

Dynamic pricing strategies, facilitated by real-time AI analytics, allow companies to adjust prices based on demand and competition, maximizing revenue opportunities during sales events, notes Conversion Capital.

Consumer engagement has shifted significantly, with virtual technologies like AR-powered mirrors enabling shoppers to visualize products before purchase, while personalized recommendations enhance convenience, notes Conversion Capital.

Despite these advancements, concerns around data privacy and trust persist, underscoring the need for transparent AI use.

As AI adoption accelerates, the global e-commerce market is poised for unprecedented growth, shaping a seamless, data-driven shopping future that balances innovation with consumer trust.

Cyber Monday remains a crucial indicator of holiday spending trends, as millions of Americans embrace the ease of e-commerce for their seasonal shopping needs.

Kimsuky Hacking Group Adopts Malwareless Phishing, Evading Detection Systems - 2

Image by Freepik

Kimsuky Hacking Group Adopts Malwareless Phishing, Evading Detection Systems

  • Written by Kiara Fabbri Former Tech News Writer
  • Fact-Checked by Justyn Newman Former Lead Cybersecurity Editor

Kimsuky uses malwareless phishing tactics, Russian email services, and convincing sites to target researchers, institutions, and financial organizations, evading detection.

In a Rush? Here are the Quick Facts!

  • Kimsuky uses malwareless phishing tactics to bypass major EDR detection systems.
  • The group shifted from Japanese to Russian email services for phishing campaigns.
  • Attacks rely on convincing emails impersonating public and financial institutions.

Researchers in South Korea have uncovered a shift in the tactics of the North Korean hacking group Kimsuky , which has begun employing malwareless phishing attacks designed to bypass major Endpoint Detection and Response (EDR) systems, as reported by Cyber Security News (CSN).

This group, active for several years, has targeted researchers and organizations that focus on North Korea. Its evolving strategies aim to evade detection and increase the success rate of its campaigns.

CSN reports that significant change in Kimsuky’s approach involves its email attack methods. Previously, the group relied heavily on Japanese email services for its phishing campaigns.

However, recent findings reveal a transition to Russian email services, making it more challenging for targets to identify suspicious communications and avoid potential compromises, says CSN.

Kimsuky has increasingly adopted malwareless phishing attacks, relying on carefully crafted URL-based phishing emails that lack malware attachments, rendering them harder to detect, according to CSN.

These emails often impersonate entities such as electronic document services, email security managers, public institutions, and financial organizations.

The group’s emails are highly sophisticated, frequently incorporating familiar financial themes to increase their credibility and the likelihood of user engagement, says CSN.

Reports have identified Kimsuky’s use of domains from “MyDomain[.]Korea,” a free Korean domain registration service, to create convincing phishing sites, notes CSN.

A timeline of activities detailed by Genians highlights the group’s gradual shift in domain usage, beginning with Japanese and US domains in April 2024, moving to Korean services by May, and eventually adopting fabricated Russian domains by September, says CSN.

These Russian domains, linked to a phishing tool called “star 3.0,” are registered to bolster the group’s campaigns. A file associated with these attacks, named “1.doc,” was flagged on VirusTotal, with some anti-malware services identifying it as connected to Kimsuky, reports CSN.

Interestingly, the group’s use of the “star 3.0” mailer ties back to earlier campaigns identified in 2021. At that time, the mailer was discovered on the website of Evangelia University, a US-based institution, and was linked to North Korean threat actors in reports by Proofpoint.

The evolving tactics of Kimsuky emphasize the need for vigilance among potential targets.

Cybersecurity experts recommend heightened scrutiny of suspicious communications, particularly those related to financial matters, and the adoption of advanced endpoint defenses.

Staying informed about the group’s methods and updating security policies in response to emerging threats are crucial for protecting sensitive information and maintaining robust cybersecurity measures.