Every day retailers and ecommerce stores have access to key information such as customer payment details and personal data such as addresses, dates of birth and email addresses. With this in mind, it is no wonder that 24% of cyber-attacks are aimed at retailers.

Whether a retail business has physical premises or an online store, there have been examples of both facing cyber-attacks in recent times. A major data breach occurred at the fast fashion online store SHEIN, which affected in the region of 6.42 million customers. Cyber criminals were able to gain access to the company’s servers and steal the personal information of SHEIN’s customers.
Cybercriminals have had to adapt to the enhanced security measures that online stores put into place, but these measures have not stopped retailers from falling foul of attacks during high-volume, peak shopping seasons such as Black Friday, Prime Day and the Christmas period.
Whilst businesses are at risk of falling victim to cyber-attacks, it is consumers who often get caught short. Last-minute shoppers and those looking for a good deal are often less diligent about what they access and how they access it, and are quick to make a purchase.
Both retailers and consumers need to be vigilant and aware of scams, including fake missed delivery notifications or suspicious emails that lead to never-before-seen webpages.
To help raise awareness of the risks that cybercrime poses to the retail industry, it’s important to highlight the types of attack the industry faces and what businesses in the sector can do to minimise/prevent these types of attacks from occurring.
Below are the top 6 attacks that we see retailers facing:
Social media account compromise
If your retail business uses social media platforms (such as Twitter, Facebook, LinkedIn or Instagram), it's important you take steps to reduce the likelihood of damaging content being posted on your behalf. Social media account compromise occurs when someone with unauthorised access hacks or hijacks your profile. This usually occurs as a result of your password being compromised, providing access to your accounts and any other accounts that share the same password.
There are common signs that can help you to identify whether your account has been compromised: your password being changed without you making the change or giving permission, your contacts or customers reporting strange messages, logins from unusual locations, and emails notifying you of unusual activity. To avoid your business accounts being compromised, you should:
Avoid signing up to websites and apps with your personal or business social media accounts.
Avoid using weak passwords and saving your login credentials in browsers; instead, use a secure password manager.
Do not use public Wi-Fi to access your social media accounts.
Avoid using the same login credentials across multiple platforms.
Avoid clicking on suspicious links in your inbox.
Do not log into your social media accounts with a shared computer.
Credential stuffing
This is when hackers use stolen usernames and passwords to break into systems and steal data linked to those accounts, such as payment details and addresses. Typically 51% of people use the same passwords for work and personal accounts, which makes it very easy for hackers to access personal data from multiple accounts you use. How do they do this? The stolen usernames and passwords are held on the dark web or in databases of personally identifiable information collected from data breaches. If you visit haveibeenpwned.co.uk, you can enter your email address to see whether it has been involved in any data breaches. If it has, you should change the password for that account immediately, along with any other account that may share the same password and is connected to your email address.
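Because stuffing replays leaked username/password pairs, it looks different from a forgetful customer in your login logs: one source address fails against many different accounts in quick succession. The script below is an added example (not from the original article) that flags that pattern; the log format, thresholds and sample lines are all constructed.

```python
"""Flag credential-stuffing patterns in web login logs (added example, not
from the original article). One source IP failing against many different
accounts in a short window is the stuffing signature; a user mistyping one
password is not. Log format, thresholds and sample lines are constructed."""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log: "timestamp source_ip username result"
SAMPLE_LOG = """\
2024-03-01T09:00:01 203.0.113.7 alice FAIL
2024-03-01T09:00:02 203.0.113.7 bob FAIL
2024-03-01T09:00:03 203.0.113.7 carol FAIL
2024-03-01T09:00:04 203.0.113.7 dave FAIL
2024-03-01T09:00:05 203.0.113.7 erin FAIL
2024-03-01T09:00:06 203.0.113.7 frank OK
2024-03-01T09:05:00 198.51.100.2 alice FAIL
2024-03-01T09:05:10 198.51.100.2 alice FAIL
2024-03-01T09:05:20 198.51.100.2 alice OK
"""

def parse(log_text):
    """Yield (timestamp, ip, user, result) tuples from the sample format."""
    for line in log_text.splitlines():
        ts, ip, user, result = line.split()
        yield datetime.fromisoformat(ts), ip, user, result

def find_stuffing(log_text, window=timedelta(minutes=5), min_accounts=5):
    """Return {ip: sorted distinct usernames} for every source IP whose failed
    logins hit at least min_accounts different accounts within one window."""
    fails = defaultdict(list)  # ip -> [(timestamp, user), ...]
    for ts, ip, user, result in parse(log_text):
        if result == "FAIL":
            fails[ip].append((ts, user))
    flagged = {}
    for ip, attempts in fails.items():
        attempts.sort()
        start = 0
        for end in range(len(attempts)):
            # Slide the window start forward until the span fits in `window`
            while attempts[end][0] - attempts[start][0] > window:
                start += 1
            users = {u for _, u in attempts[start:end + 1]}
            if len(users) >= min_accounts:
                flagged[ip] = sorted(users)
                break
    return flagged
```

In the sample, 203.0.113.7 is flagged after five different accounts fail within seconds, while 198.51.100.2 (one customer retrying their own password) is not; the successful login that follows a flagged run is the account whose password was reused and should be reset.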
Point-of-Sale attacks
A popular type of cyber-attack on the retail industry is the point-of-sale (POS) attack. POS attacks take place when malware is installed on systems used to conduct financial transactions, such as card machines and tills. The malware is designed to steal customer payment data, particularly card data, from checkout systems.
In a criminal's mind, the sheer volume of payment card information that runs through a POS system equals a big pay day.
It’s critical that you always install the latest updates for systems and software like this; it is the best way to keep cyber criminals out of your systems and software.
Web skimming
Every website is built from carefully crafted code that dictates how the site operates, looks and feels. Web skimming occurs when hackers sneak malicious code (malware) into a website’s code to harvest personal information from ecommerce sites. This commonly takes place on the payment page, as that is where a user enters their card and payment details.
Now, most of these payment pages are securely encrypted, so don’t panic. However, hackers will target outlets such as small businesses with limited or no technical knowledge, which are more likely not to have airtight and regularly updated security protections. This type of malware is difficult to spot and can affect many individuals at once, making it very popular with cybercriminals.
As a retail or ecommerce business, the key to helping prevent these attacks is to regularly update your website hosting system, ensuring that all available software updates have been installed. If a third-party supplier takes care of your website for you, consider asking them to explain how they ensure all updates are completed and how they scan for attacks like this.
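One concrete check to ask of whoever maintains your site is an inventory of every script the checkout page loads. A skimmer typically appears as a new inline block or a script fetched from a host the shop never approved, so the audit below (an added example, not from the original article) lists each script tag and flags unexpected origins, inline code, and allowlisted files served without a Subresource Integrity hash. The page HTML, the allowlist and the hostnames are constructed.

```python
"""Audit the scripts on a checkout page for web-skimming exposure (added
example, not from the original article). Flags scripts from origins outside
an allowlist, inline scripts, and allowlisted scripts without Subresource
Integrity. The HTML, allowlist and hostnames below are constructed."""
from html.parser import HTMLParser
from urllib.parse import urlparse

ALLOWED_ORIGINS = {"shop.example", "cdn.example"}  # assumed first-party hosts

# Constructed checkout page: one clean script, one without SRI, one from an
# unknown host and one inline block.
CHECKOUT_HTML = """<html><body>
<form id="pay"><input name="card"></form>
<script src="https://cdn.example/app.js" integrity="sha384-CONSTRUCTED"></script>
<script src="https://cdn.example/analytics.js"></script>
<script src="https://stats-collector.example.net/s.js"></script>
<script>/* inline code nobody on the team remembers adding */</script>
</body></html>"""

class ScriptCollector(HTMLParser):
    """Record the src and integrity attributes of every <script> start tag."""
    def __init__(self):
        super().__init__()
        self.scripts = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            a = dict(attrs)
            self.scripts.append((a.get("src"), a.get("integrity")))

def audit_scripts(html, allowed=ALLOWED_ORIGINS, page_host="shop.example"):
    """Return a list of (script, reason) findings; an empty list means every
    script comes from an allowed origin and is pinned with an integrity hash."""
    collector = ScriptCollector()
    collector.feed(html)
    findings = []
    for src, integrity in collector.scripts:
        if src is None:
            findings.append(("inline", "inline script: review it, then move it to a hashed external file"))
            continue
        host = urlparse(src).hostname or page_host  # relative src = same origin
        if host not in allowed:
            findings.append((src, f"loaded from unexpected origin {host}"))
        elif not integrity:
            findings.append((src, "allowed origin but no Subresource Integrity hash"))
    return findings
```

Running this on each deployment and diffing the findings against the previous run turns "has anything been injected into our payment page?" into a question with a mechanical answer.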
Social engineering
Social engineering is one of the fastest growing cybercrimes, and it’s our personal information that allows these attacks to be so successful. Offenders are becoming ever more adept at targeting people’s confidential information, gleaning data such as passwords and bank details through very straightforward methods.
Cyber criminals will use the personal information they have been able to glean through social engineering and contact individuals by email, telephone, or text message. They will pose as a legitimate organisation to lure them into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.
When it comes to retail and social engineering, one example is where cybercriminals pretend to be a member of management or IT and encourage store employees to follow an instruction which is not genuine. This would then lead employees to hand over confidential and personal data that the hackers then use to commit further offences.
Hopefully you now know a little more about the types of attacks that retailers face, and are aware of some steps you can take to help prevent these attacks happening to your business.
If you would like to learn how you can further improve your business’s cyber security, please take a look at the free membership available with the Cyber Resilience Centre for the West Midlands.
With this membership, you will receive regular tips and guidance on how to firm up your business’s cyber security. We have already produced checklists for you to follow to help you develop best practices, short, easy-to-follow videos that highlight how to spot the signs of a phishing attack, and many other resources.
Sign up to receive our helpful welcome pack so that you can start protecting your business today.