Cybercriminals Already Profiting from the Retail Season
December 2020 by CyberInt
Cybercriminals are enjoying the shopping season lockdown, taking it as an opportunity to accelerate their fraud efforts. According to Cyberint, the leading provider of Intelligence-driven Digital Risk Protection, illegal use of credit cards was up 110 percent during the first week of November alone.
Some of the latest trends identified on the Dark Web were that the number of stolen credit card user credentials for sale increased by 186%. Also, the number of fake credit cards and payment methods for sale was up by a whopping 290% in just that one week.
Threats are expected to intensify in the period leading up to December 25th, creating a season full of brand hijacking, phishing, fake payment methods, and stolen user credentials. Refund fraud attempts will extend well into January 2021. Recently, a customer of a national clothing retailer clicked on a fake website that mimicked the brand, requesting that she fill out a survey to receive branded vouchers. She answered the questions and was bombarded with spam, texts, and calls. The retailer was only made aware of the issue after she called to complain. This could have been proactively handled by the retailer if the threat intelligence were available.
“While online shopping has seen significant growth over the years, most purchases during this holiday season will be via ecommerce due to the pandemic,” said Yochai Corem, CEO of Cyberint. “Cybercriminals, already happily used to working remotely, are using this to their advantage. This year demands ecommerce retailers heighten their vigilance.”
Corem encourages retailers to take a proactive approach to their cyber focus and shares some insights on what will help retailers to heighten their security posture immediately.
• Identify abandoned subdomains that can be used for phishing, social engineering, and session hijacking. Check for abandoned subdomains of your business here
• Scan the app stores to remove fake apps that mimic the look and functionality of a brand’s official mobile app
• Limit the number of accounts that can be registered from one IP address during a specified time period to prevent credential stuffing attacks that exploit password reuse across sites and use compromised data from third parties
• Reduce fraudulent refunds and inventory manipulation by regularly monitoring online assets to identify unlawful refund attempts
• Increase customer awareness about the risks of password reuse, phishing, and brand appropriation
• Implement multi-factor identification to ensure stolen credentials aren’t being used in attack attempts
“Last, but not the least, partnering with a cybersecurity provider with extensive experience in the retail industry will provide the retailer with enriched, contextualized threat intelligence, while eliminating noise and false positives. This allows the retailer to focus efforts and gain increased operational efficiency while minimizing digital risks,” concluded Corem.