It's Cyber Monday again, and while e-commerce companies are preparing for an onslaught of shoppers, they are also heightening their awareness and preparation for potential cyberattacks.
The Monday following the US Thanksgiving weekend means shoppers can get great deals on products and take advantage of offers by small, medium and large retailers.
Unfortunately, the run on deals also presents an opportunity for malicious actors to prey upon those who are seeking to take advantages of those offers and compromising some of those millions of shoppers in search for great deals.
Not only are the shoppers targeted but also the shops themselves are heavily targeted. Past experiences defending very large online shops during high season shopping have shown me that many campaigns are planned well in advance and that many times, criminals follow to the date and the very specific product detail offers that shoppers may publish in order to orchestrate their attack campaigns.
Rod Soto, Director of Research at security technology and services company JASK says, “Malicious actors know that in order to sell anything a store needs to be online during critical periods, this includes the capability to advertise and operate dynamically as the volume of sales may increase or shift to specific products. This is how extorsion campaigns operate in high shopping season, as many malicious actors have the capability of affecting or even preventing stores to operate online.”
Soto continued, “As many established online shops and financial institutions have security measures to detect fraud and stay operative, malicious actors will focus on the weakest link of the security chain the consumer,” and pointed out that the “top threats to Black Friday shoppers are mainly centered in the human vulnerability of being tricked into revealing confidential information or even performing a series of acts that bypass security controls resulting in compromise.”
Soto listed several known attack vectors:
Soto also warned that consumers may be compromised when using free WiFi at airports, hotels, and coffee shops. “Some deals cannot be missed, and criminals know it too. Hacking WiFi and intercepting traffic does not require sophisticated skills. Also, many times people will pull their credit cards and place them in plain view or even read them loudly over the phone. These opportunities may occur more often during seasonal shopping and criminals will be there as well.”
Despite the above threats, Soto said there are things that consumers can and should do in order to protect themselves including:
Soto says the above items should give consumers a good level of security, but that they should also remember to be cautious and use common sense as malicious actors are very clever and may even be able to successfully compromise even the most trusted online stores.
“Apply these principles not only to yourself but your family as they are part of your close circle and likely part of your attack surface," Soto summarized.
Chinese networking giant Huawei took a massive hit this week in the face of an extended ban on its affiliates and subsidiaries as well as a 90-day ext…
The Pentagon is carefully reviewing the details of the potentially $10 billion, 10-year JEDI cloud contract, which will include widespread AI technolo…
Nobody ever really associates the resinous buds of a cannabis flower to the motherboard that operates artificial intelligence. Actually, some of the f…
Drivers who need strong guidance when travelling to a new destination can rely on the top-of-the-line and affordable, TomTom VIA GPS. Read this in-dep…
5G, the latest generation of cellular networks is dominating media headlines and capturing everyone's imagination. Among all this noise, one of the gr…