It's Cyber Monday again, and while e-commerce companies are preparing for an onslaught of shoppers, they are also heightening their awareness and preparation for potential cyberattacks.
The Monday following the US Thanksgiving weekend means shoppers can get great deals on products and take advantage of offers by small, medium and large retailers.
Unfortunately, the run on deals also presents an opportunity for malicious actors to prey upon those who are seeking to take advantages of those offers and compromising some of those millions of shoppers in search for great deals.
Not only are the shoppers targeted but also the shops themselves are heavily targeted. Past experiences defending very large online shops during high season shopping have shown me that many campaigns are planned well in advance and that many times, criminals follow to the date and the very specific product detail offers that shoppers may publish in order to orchestrate their attack campaigns.
Rod Soto, Director of Research at security technology and services company JASK says, “Malicious actors know that in order to sell anything a store needs to be online during critical periods, this includes the capability to advertise and operate dynamically as the volume of sales may increase or shift to specific products. This is how extorsion campaigns operate in high shopping season, as many malicious actors have the capability of affecting or even preventing stores to operate online.”
Soto continued, “As many established online shops and financial institutions have security measures to detect fraud and stay operative, malicious actors will focus on the weakest link of the security chain the consumer,” and pointed out that the “top threats to Black Friday shoppers are mainly centered in the human vulnerability of being tricked into revealing confidential information or even performing a series of acts that bypass security controls resulting in compromise.”
Soto listed several known attack vectors:
Soto also warned that consumers may be compromised when using free WiFi at airports, hotels, and coffee shops. “Some deals cannot be missed, and criminals know it too. Hacking WiFi and intercepting traffic does not require sophisticated skills. Also, many times people will pull their credit cards and place them in plain view or even read them loudly over the phone. These opportunities may occur more often during seasonal shopping and criminals will be there as well.”
Despite the above threats, Soto said there are things that consumers can and should do in order to protect themselves including:
Soto says the above items should give consumers a good level of security, but that they should also remember to be cautious and use common sense as malicious actors are very clever and may even be able to successfully compromise even the most trusted online stores.
“Apply these principles not only to yourself but your family as they are part of your close circle and likely part of your attack surface," Soto summarized.
Antivirus software is not enough. Apex Technology Services used its decades of IT and cybersecurity
experience to create budget-friendly network security packages every company needs.
Please take a moment to fill out your information so we can contact you directly regarding your request.
Participation in e-sporting betting activities has been on the rise, and technology is the main driver of growth in this industry.
The Internet of Things is a common term in the tech world; however, it is rarely heard among the general population. Although we are all impacted and …
The world today relies on digital ways of life. People are more into social media. A few years ago, social media was just a place to connect and keep …
Robotic arms, also called industrial robots, are also referred to as mechanical arms. These are devices whose functionality is the same as that of hum…
There are several ways the pandemic has impacted the software development industry. Since the COVID-19 outbreak, many software development enterprises…