Insights |Cyber Security

25th November 2021

Black Friday 2021: Stay cyber-safe

With online sales set to increase for Black Friday 2021, consumers, retailers and the hospitality industry need to be on alert for potential cyber security threats.

For many, Black Friday 2021 marks the official start to the Christmas shopping season and, excitingly, many retailers announce time-limited sales that promise huge savings to consumers. But it’s also the prime time for cyber criminals to cash in, too.

Some digital threats to watch out for on Black Friday 2021

Phishing attacks

While consumers rush to grab themselves a bargain, they may get caught out in a phishing scandal. Phishing links commonly lead to fake login pages, prompting victims to authenticate themselves on their web account. For instance, victims may think they are logging into their favourite retailer account, when, really, they are handing their username and password over to an attacker, who can use it to their advantage later. Although this affects users directly, it also negatively impacts the retailer’s reputation, which can be difficult to recover.

Malware  

Malware (as the portmanteau suggests) refers to any malicious software designed to harm a computer system by tracking user activity, hijacking functionality or stealing, deleting or encrypting data. Most malware enters your systems via email (96% of it in 2020, say CSO). According to Forbes, malware saw a year-on-year increase of 358% in 2020. There’s no indication of that proliferation slowing, so this should be seen as a high-risk Black Friday cyber threat.

Formjacking

Formjacking is a form of ‘Magecart’ where malicious code is injected into the checkout forms of a website and can go undetected for a long time. Cyber criminals then hijack web forms to steal personal and payment information from shoppers.

Ransomware  

Ransomware encrypts files, so they are made inaccessible to the owner. The cyber criminal then demands a ransom payment in return for releasing the locked files. Ransomware occurs when legitimate ads are hacked (‘malvertising’), or through phishing emails and exploit kits. This will have consequential impact on consumers and retailers/businesses.

Not being prepared enough for cyber threats is a threat

A staggering 3 in 4 IT leaders expressed a lack of confidence in their company’s IT security posture and saw room for improvement. Despite this, just 57% of companies conducted a data security risk assessment in 2020 and businesses need to up their cyber security efforts to reduce these risks and minimise the impact of an attack.

How can you reduce the risk of cyber threats on Black Friday 2021? 

The above attacks take place daily and are not specific to the holiday season or large events like Black Friday, but the volume and frequency of these attacks significantly increase during these times, as more consumers make purchases online.

Being aware of these threats is a step closer to preventing cyber attacks on Black Friday 2021 and during the holiday season to come. Businesses should balance their investments in security awareness training for employees and putting robust security measures in place that can help to scan their systems for suspicious activity. Similarly, consumers need to be better educated and made aware of potential threats.

If you find yourself the victim of a cyber incident, ESA Risk can help you with your response to the attack and to make you cyber-secure in the future, through the design and execution of a strong cyber security plan. Reach out to our Cyber Risk & Security Consultant, Graeme McGowan, at graeme.mcgowan@esarisk.com, on +44 (0)843 515 8686 or via our contact form to find out more.

 

cyber threat landscape

Threat Landscape 2022

Discover the key cyber security threats you need to be aware of this year in our Special Report.

What are you looking for?

Get the advice you need

Deep dive for the answers you need
Or contact us on +44 (0)843 515 8686 or at advice@esarisk.com.

Deep dive for the
answers you need

Lawyers, accountants, advisors, investors, senior
management. You name it, we help them find the answers
they need. Ready to discover how we can help you?