With consumers predicted to spend £8.7 billion over the Black Friday and Cyber Monday weekend this year, businesses must take stock of their digital infrastructure to safeguard from opportunistic cybercriminals.
POS systems, in-store mobile devices and the rise of e-commerce platforms has expanded the attack surface irrevocably, creating new opportunities for cyber attackers to get their hands on valuable customer data. The focus for most IT teams this time of year is on uptime, performance, throughput and availability to optimise retail transactions. But timely patching and other security related updates shouldn’t fall by the wayside.
Practicing basic cyber hygiene, such as using strong authentication, can significantly reduce the risk of compromise. In addition, increased visibility and understanding of their network will provide retailers with an effective way to prioritise threats, reduce cyber risk and ensure they’re able to hit their targets this retail season.
A surprising number of e-commerce security teams are still using legacy systems that lack comprehensive visibility into the full attack surface in modern IT environments. Others are adopting cloud infrastructure to provide additional bandwidth to cover peak periods.This creates blind spots for security leaders. Instead, retailers should be looking for solutions that allow them to gain security context and guidance against high-risk web application vulnerabilities; recognise vulnerabilities in custom code and third-party components used to build e-commerce web applications; and flagging any kind of misconfigurations that can increase exposure.
The risk has significantly increased, in part, as many in the retail sector have been forced to make large technological leaps in response to the pandemic.
There are endless opportunities for scammers to steal data, particularly credit card information shared especially during transactions. Credit card information offers attackers a double payout as they can use the information themselves for purchases, and sell the data to other criminals on the Dark Web.
Retailers must prioritise the security of customer information and their business infrastructure from the threat of cyber-attacks. Only then can business risks – such as stolen data and lost customer trust – be minimised and their operations to grow in a secure manner.”Social Media:
While legitimate advertisers are present on social media sites, such as TikTok and Facebook, the sheer number of scams I’ve observed compels me to advise users to be cautious.
A popular type of social media scam is dropshipping schemes. The problem isn’t with dropshipping itself — the issue is that scammers are leveraging dropshipping to take advantage of unsuspecting customers.
These scammers promote the goods on social platforms, either through aggressive outreach or by purchasing advertisements in order to direct users to their own branded Shopify hosted websites.
However, the seller doesn’t keep the inventory themselves, instead sourcing the goods through a third party, such as AliExpress, where similar items can be sourced cheaply, allowing them to mark-up the price. The consumer could receive counterfeit goods, inferior quality items to that of the image or description shown, or the wrong product entirely. That’s assuming they receive something at all.
The types of drop-shipped goods being promoted vary, including electronics, hardware, kitchen tools, clothing and accessories.
Before making any purchase through social platforms, first try to verify the source, check to see if the item is available directly from an e-retailer at a deeper discount, read reviews to gauge customer sentiment and, when in doubt, shop from a reputable source.