How can retailers and customers stay safe from cyber attacks during the 2020 holidays

For cyber criminals, 2020 year has been one of the most profitable in history as we have seen a massive uptick in cyber related crime activity, scams and fraud. Innocent and unsuspecting businesses and people have been victimized through tens of thousands of cyberattacks exposing hundreds of millions of consumers around the world to fraud through ransomware attacks, phishing email scams and other threats. These attacks have resulted in billions of dollars of losses for businesses.

As we enter the homestretch of 2020 and the holiday shopping season gets underway, retailers should expect to see an increase of cyberattacks on their networks, mobile shopping apps and infrastructure. In fact, Cybereason recently uncovered a widescale cyberattack targeting the customers of the largest Latin American ecommerce platform, Mercado Livre, with more than 300 million registered users. This multistage attack is targeting shoppers of Mercado Livre in Brazil by trying to steal their credit card numbers, login credentials, financial and other sensitive information.

Mercado Livre isn’t alone in 2020 as popular retail sites and ecommerce platforms such as Amazon, eBay, PayPal, Shopify, Stripe, WooCommerce and Wix Stores have been hacked in 2020 or targeted due to their reach. It’s not surprising to see an uptick in attacks against the customers of these popular companies.

Salesforce.com estimates that online holiday shopping in 2020 will increase 35 percent and holiday sales will reach $731 billion. This surge will lead to more attempts by cyber criminals to steal shoppers credit card numbers, social security numbers and other proprietary and personal information. Humans are the weakest link in the cybersecurity protection ecosystem. Shoppers will click on links, download information from dubious websites and unsuspectingly fall victim to fraud because they still down believe hackers will target them.

To help consumers combat the potential online risks, improving security awareness, increasing security hygiene and not lapsing into a false sense of safety are important to defending against cyber crime attempts.

Shoppers flocking to online sites for their holiday shopping this year can do it safely and securely by
following these recommendations:

•  Never click on the links you receive in emails as they could be phishing scams. One of the most popular scams run by hackers is a phishing email purporting to be from a retailer with a great holiday offer of 25% or 50% in total savings. Be suspicious and instead, cut-and-paste the promo codes in the emails and go directly to the retailer’s websites for more information.
• Never visit dubious websites and do not download anything.
• Keep your mobile devices up to date with the latest software updates. Never download mobile shopping apps from unofficial or unauthorized sources. Most legitimate apps are available from Apple’s App Store or Google Play Store. Hackers prey on consumers and dupe them into downloading fraudulent apps laced with malware.
• Don’t fall for smishing (SMS phishing) attacks where hackers infiltrate mobile devices through social engineering, where consumers knowingly or unknowingly divulge personal information. Hackers will send consumers fake text messages to lure victims to click on malicious links, which directs them to malicious web pages.
• Consumers should monitor their credit cards daily during the holiday season for suspicious and unauthorized charges.
• Consumers should pick one of their credit cards or debit cards for their holiday shopping purchases to more easily manage and monitor transactions. Consumers should consider putting a temporary hold on all but one or two credit accounts during the holiday season.
• Because data breaches lead to password theft, consumers need to regularly update their passwords. Do not use the same passwords repeatedly. Surprisingly, consumers still use passwords such ‘password’ or ‘1234567.’ Consumers should also consider using a password manager because they are easy to use and are safe.

Reputable products include, NordPass, LastPass and 1Password. Some companies are offering FREE 30-day trials on their services.

The holidays are a time of great joy and reflection for many people on their accomplishments and achievements throughout the year. It is a time of joy and love and appreciation for family and friends.

Unfortunately, the holiday joy can soon become misery because of the growing risk cyber thieves pose to shoppers and holiday revelers. Be safe and be on the lookout for cybercrime attempts that might just come across your personal devices through phishing emails and other scams. Diligence will reduce the holiday shopping risks facing every shopper around the world this year.

Opinion by Sam Curry, chief security officer, Cybereason