It's Cyber Monday again, and while e-commerce companies are preparing for an onslaught of shoppers, they are also heightening their awareness and preparation for potential cyberattacks.
The Monday following the US Thanksgiving weekend means shoppers can get great deals on products and take advantage of offers by small, medium and large retailers.
Unfortunately, the run on deals also presents an opportunity for malicious actors to prey upon those who are seeking to take advantages of those offers and compromising some of those millions of shoppers in search for great deals.
Not only are the shoppers targeted but also the shops themselves are heavily targeted. Past experiences defending very large online shops during high season shopping have shown me that many campaigns are planned well in advance and that many times, criminals follow to the date and the very specific product detail offers that shoppers may publish in order to orchestrate their attack campaigns.
Rod Soto, Director of Research at security technology and services company JASK says, “Malicious actors know that in order to sell anything a store needs to be online during critical periods, this includes the capability to advertise and operate dynamically as the volume of sales may increase or shift to specific products. This is how extorsion campaigns operate in high shopping season, as many malicious actors have the capability of affecting or even preventing stores to operate online.”
Soto continued, “As many established online shops and financial institutions have security measures to detect fraud and stay operative, malicious actors will focus on the weakest link of the security chain the consumer,” and pointed out that the “top threats to Black Friday shoppers are mainly centered in the human vulnerability of being tricked into revealing confidential information or even performing a series of acts that bypass security controls resulting in compromise.”
Soto listed several known attack vectors:
Soto also warned that consumers may be compromised when using free WiFi at airports, hotels, and coffee shops. “Some deals cannot be missed, and criminals know it too. Hacking WiFi and intercepting traffic does not require sophisticated skills. Also, many times people will pull their credit cards and place them in plain view or even read them loudly over the phone. These opportunities may occur more often during seasonal shopping and criminals will be there as well.”
Despite the above threats, Soto said there are things that consumers can and should do in order to protect themselves including:
Soto says the above items should give consumers a good level of security, but that they should also remember to be cautious and use common sense as malicious actors are very clever and may even be able to successfully compromise even the most trusted online stores.
“Apply these principles not only to yourself but your family as they are part of your close circle and likely part of your attack surface," Soto summarized.
Everywhere you look these days, voice is becoming the dominant enablement medium. Whether in a car, at home, in the office, or anywhere else, voice is…
Advances in technology mean that a cybersecurity policy is as important as a physical security policy. Companies are now more vulnerable to attacks on…
Microsoft has long been looking for ways to improve its email client. Unfortunately, for people who prefer to control their mailboxes themselves, some…
Since the oldest times people have sought for ways to save them from hard physical work and menial activities. To find solutions they have invented ne…
When Ginger and David McCullough sold their cattle ranch in the Texas Panhandle and moved to Johnson City to be closer to their son they didn't expect…