Cybersecurity on Cyber Monday

The holidays mean different things to different people. For consumers, holidays are about celebrating with friends and family and scooping up great deals. Stores and eCommerce brands plan their sales all year long to coincide with holidays, but Black Friday and Cyber Monday are two of their most important days. According to the National Retail Federation, online Christmas spending is expected to increase between 11%-15% compared to 2020, accounting for $218.3-$226.2 billion.

There is a third group waiting to cash in on online sales – cybercriminals eager to capitalize on the increase in online shopping. The 2020 Trustwave Global Security Report identified the retail industry as the most targeted sector, with almost 25% of all cyberattacks hitting retailers. The massive amounts of data handled and stored by retailers make them an attractive target for hackers. The report noted that 53% of the attacks on retailers were set up to steal card-not-present (CNP) data, 27% targeted retailers’ financial data, 10% targeted card track data, and another 10% harvested user credentials.

Webscale’s 2021 Global eCommerce Security Report found that the number one business challenge eCommerce companies say they face is cyber threats. Most are preparing to increase their security budgets by 15%-20% in the next three years but that begs the question: With Black Friday deals being offered all month long and Cyber Monday just a few days away, what can eCommerce businesses do today to protect themselves from bad actors? The short answer is to know the types of attacks cybercriminals use and understand how to prevent the attacks before the company becomes a victim. Now, let’s expand on that answer.

5 Common Retail Threats

Hackers are constantly launching more sophisticated attacks on all types of businesses, but eCommerce brands are particularly attractive given how vulnerable many retailers are. The tremendous influx of traffic makes online retailers a prime target as many consumers now prefer online shopping over in-person trips to the stores.

Web Skimming

Web skimming, also known as e-skimming or magecart, is a scheme in which hackers inject checkout pages with card-skimming scripts that harvest shopper’s credit card details and personal information. Last year nearly 3,000 Magento sites were attacked this way, but major retailers, including Macy’s Intersport and Tupperware, have also been victims.

Card-not-Present (CNP) Fraud

CNP fraud is an increasing problem for retailers. It happens because online shoppers don’t need to present a physical card to merchants, rendering a card’s built-in security features useless. Hackers can easily use stolen cards to make unauthorized purchases, which costs businesses around $40 billion per year in chargebacks.

Point-of-Sale (POS) Malware

Credit card data, which is usually encrypted, becomes decrypted in a POS device’s RAM during the payment process. When systems aren’t properly secured, POS malware can infiltrate them, searching the RAM for card data before it becomes encrypted and sending the data to another server the hacker can access.

Legacy Security Tools

Legacy systems tend to be incompatible with modern cybersecurity solutions, making them appealing to bad actors. Hackers can infiltrate legacy systems with exploit kits that penetrate networks through spam campaigns, phishing attacks, or compromised credentials, enabling them to access corporate data. Last year, hackers used this method to steal data from 1.1 million RedMart accounts.


Ransomware uses malware to lock companies out of their systems until they agree to pay a ransom to obtain a decryption key. Cybercriminals will launch ransomware attacks on retailers just ahead of Black Friday or Cyber Monday, knowing retailers can’t afford the downtime and forcing them to pay the ransom. A Sophos survey found that in 2020, 44% of retail companies were ransomware victims, and 32% paid up.

How Retailers Can Fight Back During the Holidays (& Every Day)

An attack during Cyber Monday could paralyze a company with lost sales, reputational damage, and potential legal action. Any of those alone can cause permanent and irreversible brand damage.

Cybersecurity is not a set-it-and-forget-it activity. Hackers evolve their methods constantly, so security professionals need to stay up to date on the latest scams and take proactive measures to protect themselves.

Always Be Compliant

Retailers need to stay on top of compliance standards, both for their protection and their clients’. Over the last few years, governments across the globe have instituted data protection standards such as GDPR and CCPA, and many more plan to in the coming years. As retailers cater to international customers, they must know and comply with any governing regulations. Additionally, any retail brand that accepts, stores, transmits, or processes cardholder data must comply with the Payment Card Industry Data Security Standard (PCI DSS). Non-compliance with these or other regulations can result in hefty, crippling fines that businesses may not recover from.

Employee Training Is Never Done

Employees are both a business’s weakest point and best defense. They are prime targets for phishing emails, and research from Deloitte shows that 91% of all attacks started with a phishing scam. Only one person needs to open the wrong email or download an infected file that installs malware on the network. These situations can be avoided by continually teaching employees how to identify suspicious content and instituting a policy for reporting potentially malicious content. Employees should be informed of all existing security measures as part of an onboarding process and kept abreast of any changes or new threats.

Be Proactive

System breaches are usually well hidden by hackers, giving them the advantage. IBM’s Cost of a Data Breach report revealed that, on average, it takes businesses 206 says to detect a breach and 73 additional days to contain it. Breaches that passed the 200-day mark were 37% more costly than those that were mitigated in under 200 days, so being proactive pays off. Proactive security takes threat intelligence data and combines it with threat hunting to find malicious activity within the network.

Invest in the Right Tools

Different businesses have different vulnerabilities; the tools that work for enterprises might not work for SMBs with less manpower. Given the prevalence of cybercrime and the consequence of being a victim, retail businesses need to understand their vulnerabilities and which tools or systems will work best for their setup. For those that don’t have a full-fledged, dedicated security team, it’s best to work with a cyber security company that can actively monitor your organization and has the know-how to handle any potential threats.

Protect eCommerce Businesses with the Right Approach

Two powerful forces are at play for eCommerce brands – retailers’ attack surfaces are expanding, and the cybercrime business is paying better and better. That makes for a challenging environment. Retailers need to understand the risks they face and have plans in place to combat them. A single breach can take even the largest retailer down because this is a game of cat and mouse. However, for those retailers that want to thrive, cyber security cannot be an afterthought. It must be addressed and assessed over and over, updated, and embraced by the entire company.

Sign Up for Updates