Blueliv - Avoiding the Inevitable this Black Friday/Cyber Monday
November 2018 by Patryk Pilat, Head of Pre-Sales Engineering at Blueliv
As Black Friday and Cyber Monday draw near, Patryk Pilat, Head of Pre-Sales Engineering at Blueliv, has provided his advice to both consumers and retailers to ensure their data is secure.
Patryk Pilat, Head of Pre-Sales Engineering at Blueliv.
"Make no mistake - cybercriminals steal credentials to make a profit. From blackmail and ransom, through to selling sensitive information on the dark web, there’s nothing a hacker wouldn’t do to ensure they get a return on investment. With Black Friday and Cyber Monday on the horizon, the threats will only increase for both the consumer and the enterprise.
Retailers of all sizes should keep security front of mind as they prepare for higher-than-usual demand of their website, mobile apps and POS devices. Tactics that cybercriminals use include malware infections, phishing, DNS hijacking, leaked databases and social engineering, so consumers and retailers alike, should heed much the same advice to avoid information falling into the wrong hands.
· Retails should ensure customer data is secure and has the highest level of encryption possible.
· Secure your own data – all it takes is a single good credential for an attacker to gain access to an organisation and cause havoc. Multifactor authentication is a good start, but all employees should be well-versed in basic cybersecurity awareness including regularly changing login credentials and knowing how to spot potential phishing emails. The same can be said for the consumer - using the same password across multiple sites can leave you open to attack.
· Domain protection – even the most savvy can fall for phishing scams, which have become more sophisticated as cybercriminals experiment with new techniques, such as fraudulent domains and spoofed websites. Many vendors offer real-time alerts to detect this activity and take mitigating measure before its too late. For consumers - think before you click, go direct to the retailer’s site yourself rather than via third parties.
· Test, test and test again! – ongoing penetration testing and vulnerability assessments should be prioritised across all systems and platforms. This will minimise your cyber-risk by considering and protecting as many possible attack vectors as possible.
As shoppers get smarter, they are questioning the cybersecurity setup of the companies they shop with. Reputation is everything in this industry – don’t allow yours to be damaged this festive season."