A report illustrates how cyber criminals are increasingly targeting retailers and their customers through digital and social channels as retailers leverage new channels for increased revenue opportunities
"The Retail and eCommerce Threat Landscape Report (October 2018), notes a 297 percent rise in the number of false retailer websites designed to "phish" for customer credentials. In Q3 alone there was an average of 23 phishing sites per company, which is a significant increase from 2017, which averaged 5.9 phishing attacks per company.
In addition, says the report, there was a 278 percent rise in stolen goods listed on black markets for resale. Even more:
- an average of 22.1 internal login pages or development servers exposed per retail company in 2018. When accessed this gives cybercriminals a portal into the retailer's internal network
- Fake apps and social media profiles are on the rise with a 469 percent spike in suspicious applications and a 345 percent increase in fake social media profiles (respectively) in Q4 2017
"Retailers are increasingly focused on driving sales through a variety of online channels -- Facebook, SMS messaging, Instagram, Twitter and more -- all of which provide an ideal opportunity for fraudsters to lure in new victims through phishing attacks as it is the most common way to obtain stolen credit card numbers," said Guy Nizan, Co-founder and CEO of IntSights Cyber Intelligence. "As prime targets for cyber crime, retailers need to understand how their goods are being sold and bartered for on the Dark Web. This glimpse into criminal behavior and activity helps inform the overall cybersecurity program, leading to an increase in security posture."