Eric Schwake, Salt Security Commentary: Valentine’s Day Scams
February 2024 by Eric Schwake, Director of Cybersecurity Strategy at Salt Security
With Valentine’s Day fast approaching, eager romantics must proceed with caution this year, as cybercrime continues to proliferate. Cybercriminals will be looking to strike, as unsuspecting consumers purchase gifts for loved ones and singletons indulge in online dating in search of their perfect match. Eric Schwake, Director of Cybersecurity Strategy at Salt Security:
As with most holidays, attackers use excitement and increased web activity to cause harm. With Valentine’s specifically, users are much more inclined to use online stores to order gifts or dating sites to find love. Because all of these sites use a variety of APIs, attackers look for ways to hack into these data streams to steal confidential data or disrupt the flow of traffic. With more and more business being carried out online as the holidays approach, there is more of a spike in API traffic. While most of this traffic is expected and benign, it tends to make it easier for attackers to hide their nefarious work inside the increased traffic. At the end of the day, organizations are online to try and carry out business, and for companies that rely on holiday spikes in traffic, their focus is to provide goods or services. Unfortunately, this sometimes means there can be a lack of focus on the security side during these busy times. It’s crucial for organizations to develop strong API security controls before their busy seasons related to holidays such as Valentine’s day. API posture governance and security should be planned well in advance with various IT and Security stakeholders to ensure that when busy times come, and the focus shifts to keeping business up and running, there won’t be as many risks associated with an organization’s API assets. During busy times, it’s important to have API security tools that will provide automation around finding API risks to bubble these up rapidly to security teams so they can be responded to before extensive damage can be caused.