Commentary
E-COMMERCE, TECHNOLOGY | editor, Australia
view(s)
Jacqueline Jayne

How Asian retailers can stay safe online during holiday online shopping events

BY JACQUELINE JAYNE

The run up to Christmas is the biggest spending season of the year. Criminals know that consumers will be looking for deals and will be receiving more packages than any other time of the year.

These criminals use this to trick people into making purchases on shady websites and falling for phishing emails that focus on missed deliveries and cancelled orders. Using email phishing to get consumers to log in to fake websites looking like Amazon.com or other major retailers, the criminals then steal the user name and password to log in to the account and make purchases with previously linked credit cards in the account.

These fraudulent purchases can use up available credit or get cards locked down for fraud, keeping consumers from doing the shopping they need to get done. In addition, the hassle and stress of dealing with stolen credit card information or fraudulent purchases is not something anyone needs to be dealing with during the holidays.

Retailers need to make sure they're securing their communications and supply chain between third party vendors and within their own infrastructure. Organisations want to enable multi-factor authentication for sensitive systems to prevent unauthorised access and protect their important data, assets, and accounts.

McAfee’s July Quarterly Threats Report found that attacks targeting the retail industry have steadily increased by 15% in the first quarter of 2020. As a result of Covid19 restrictions, more people will be turning to online shopping than ever which will become a desirable target by cybercriminals across the globe.

Many retailers would be thrilled just to be in business and looking forward to a big holiday season and they are probably not cyber ready. Credit card data is a form of currency for cybercriminals and retailers have a lot of it. POS (Point of Sale) systems are a point of attack to obtain credit card details and personal identification numbers (PINs). In these instances, malware (malicious software) is installed on the POS which will record everything.

Most malware will find its way onto a POS via email where an employee would unintentionally engage with a phishing email (malicious email) what results in the deployment of the malware. Another form of malware to be aware of is a Denial of Service (DoS) that is designed to disrupt. What happens here is that the network is flooded with requests that the servers are unable to deal with resulting in an application or website not functioning. Then there’s Ransomware - another form of malware, and as the name suggests, once this malicious software has been deployed, systems are shut down and a ransom is demanded. Disgruntled or casual employees looking to make extra money or cause disruption need to be considered as well. These are known as ‘insider threats’ and are becoming increasingly popular.

It is important to note that phishing accounts for 90% of successful cyber attacks so your employees need to be aware of the red flags to look for.

Should a retailer become the victim of a successful cyberattack, the results can be catastrophic. Loss of reputation, financial impact, brand damage, loss of trust, and even having to close the doors. This is nothing to laugh at. This is serious business for the cybercriminals and protecting your systems, customers, and even vendors must be a priority.

What can retailers do to stay safe?

  1. Patch all software and check that your networks are safe from vulnerabilities.
  2. Communicate with vendors and ask them what they have in place for cybersecurity.
  3. Take their employees through new-school security awareness training to avoid falling for scams and social engineering attacks in both their personal and professional lives.
  4. It would be advisable for them to educate their customers on what to look out for to avoid being scammed. All online retailers should have a page on their website dedicated to communicating with their customers on any scams that have been reported.
  5. Using social media is also a great way to keep customers up-to-date with scams and can also be used as a platform to educate on staying safe online.
  6. Educate customers who come into your physical stores on staying safe online and shopping safely.

The views expressed in this column are the author's own and do not necessarily reflect this publication's view, and this article is not edited by Retail Asia. The author was not remunerated for this article.

Do you know more about this story? Contact us anonymously through this link.

Click here to learn about advertising, content sponsorship, events & rountables, custom media solutions, whitepaper writing, sales leads or eDM opportunities with us.

To get a media kit and information on advertising or sponsoring click here.

Jacqueline Jayne

Jacqueline Jayne

Jacqueline Jayne is the APAC Security Awareness Advocate for KnowBe4, the provider of the world’s largest integrated Security Awareness Training and Simulated Phishing platform. She has over 20 years' experience as a conduit between people and technology and has mastered the art of communication and influence. Previously, she led a successful cybersecurity education and awareness program that changed behaviour and culture, aimed at helping users make better security decisions online. 

Contact Information