{"id":8194,"date":"2020-12-20T08:41:51","date_gmt":"2020-12-20T08:41:51","guid":{"rendered":"https:\/\/web3unplugged.io\/blog\/?p=8194"},"modified":"2020-12-20T08:41:54","modified_gmt":"2020-12-20T08:41:54","slug":"businesses-at-risk-from-holiday-shopping-cybercrime","status":"publish","type":"post","link":"https:\/\/web3unplugged.io\/blog\/businesses-at-risk-from-holiday-shopping-cybercrime\/","title":{"rendered":"Businesses At Risk From Holiday Shopping Cybercrime"},"content":{"rendered":"\n<p>Shoppers across the globe make for easy cybercrime targets as they\u2019re on the hunt for the hottest holiday online shopping deals of the year. But consumers aren\u2019t the only ones at risk \u2013 Secureworks\u2019 senior threat researcher Rafe Pilling sees businesses at risk as well.<\/p>\n\n\n\n<p>A main theme across holiday shopping cybercrime is the use of spam, phishing and malware ads. In order to get their targets\u2019 attention, cybercriminals will lure workers into downloading unsecure files, a very similar technique seen throughout COVID-19 into the holiday shopping season.\u00a0<\/p>\n\n\n\n<p>According to Rafe, the retailers themselves can also become targets, point-of-sale malware and credit card skimming attacks are just two of the tools available to criminals, easily injecting harmful code into ecommerce websites.<\/p>\n\n\n\n<p>\u201cThe COVID19 pandemic has resulted in a significant volume of purchases moving online in 2020, everything from online food shops, to everyday essentials, electronics and luxury goods.\u00a0What we may see, like we saw with COVID-19, is cyber-criminals pivoting to use holiday deals as a theme in spam, phishing, mal-vertising and other criminal cyber activity.\u00a0 It is often the theme, rather than the tempo of volume of criminal activity, that changes,\u201d Pilling said.<\/p>\n\n\n\n<p>\u201cOnline ecommerce operators are generally more exposed to a wider range of cyber attacks, however brick and mortar stores can also be targets for Point-of-sale malware or credit card skimming attacks.\u00a0 Injecting code for credit card skimming into ecommerce websites, colloquially know as Mage Cart attacks, has been another vector of criminal activity with some major retailers and travel companies being compromised over the years.<\/p>\n\n\n\n<p>\u201cFor many organizations, the de-centralization of the employee base (i.e. employees working from home), the reduction in reliance on centrally managed IT infrastructure through increased use of cloud services and employees using more of their own devices, has increased their resilience to certain types of cyber attack. It\u2019s more difficult to conduct a wide-scale ransomware attack against an organization whose users aren\u2019t directly connected to the network and that uses multiple cloud service providers to deliver business systems.\u00a0 However, these changes come with their own risks that need to be carefully managed.\u00a0 Monitoring becomes more challenging.\u00a0 A greater emphasis is placed on identity and access management, ensuring only the right users can access the right systems.\u00a0 Additionally, as more companies use cloud services, from a relatively small pool of large cloud infrastructure providers, a lot of businesses and consumers notice when that cloud infrastructure has a temporary disruption.\u00a0<\/p>\n\n\n\n<p>\u201cThe situation is far from hopeless though.\u00a0 A few key controls like adopting multi-factor authentication, expedited patching of internet facing devices, securing remote access solutions, effective enterprise monitoring of systems and networks, and threat intelligence informed risk prioritization put businesses in a strong position to resist a range of common cyber threats including criminal ransomware attacks, business email compromise and targeted intrusions (APT).\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Shoppers across the globe make for easy cybercrime targets as they\u2019re on the hunt for the hottest holiday online shopping deals of the year. But consumers aren\u2019t the only ones at risk \u2013 Secureworks\u2019 senior threat researcher Rafe Pilling sees businesses at risk as well. A main theme across holiday shopping cybercrime is the use [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":8195,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_seopress_robots_primary_cat":"","_seopress_titles_title":"","_seopress_titles_desc":"","_seopress_robots_index":"","footnotes":""},"categories":[1],"tags":[],"class_list":["post-8194","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"rttpg_featured_image_url":{"full":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2020\/12\/Rafe-Pilling.jpg",2100,2100,false],"landscape":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2020\/12\/Rafe-Pilling.jpg",2100,2100,false],"portraits":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2020\/12\/Rafe-Pilling.jpg",2100,2100,false],"thumbnail":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2020\/12\/Rafe-Pilling-150x150.jpg",150,150,true],"medium":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2020\/12\/Rafe-Pilling-300x300.jpg",300,300,true],"large":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2020\/12\/Rafe-Pilling-1024x1024.jpg",1024,1024,true],"1536x1536":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2020\/12\/Rafe-Pilling-1536x1536.jpg",1536,1536,true],"2048x2048":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2020\/12\/Rafe-Pilling-2048x2048.jpg",2048,2048,true],"post-thumbnail":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2020\/12\/Rafe-Pilling.jpg",420,420,false],"graptor-sq-xs":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2020\/12\/Rafe-Pilling.jpg",100,100,false]},"rttpg_author":{"display_name":"admin","author_link":"https:\/\/web3unplugged.io\/blog\/author\/admin\/"},"rttpg_comment":0,"rttpg_category":"<a href=\"https:\/\/web3unplugged.io\/blog\/category\/uncategorized\/\" rel=\"category tag\">Uncategorized<\/a>","rttpg_excerpt":"Shoppers across the globe make for easy cybercrime targets as they\u2019re on the hunt for the hottest holiday online shopping deals of the year. But consumers aren\u2019t the only ones at risk \u2013 Secureworks\u2019 senior threat researcher Rafe Pilling sees businesses at risk as well. A main theme across holiday shopping cybercrime is the use&hellip;","_links":{"self":[{"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/posts\/8194","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/comments?post=8194"}],"version-history":[{"count":1,"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/posts\/8194\/revisions"}],"predecessor-version":[{"id":8196,"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/posts\/8194\/revisions\/8196"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/media\/8195"}],"wp:attachment":[{"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/media?parent=8194"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/categories?post=8194"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/tags?post=8194"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}