The 16th annual (Organized Retail Crime) ORC study released by the National Retail Federation found 75% of loss prevention executives at a cross-section of large and mid-sized retail companies said ORC activity had increased in the past year, up from 68% last year.
For retailers, a rapid shift to e-commerce means significant opportunity to increase sales margins, in an effort to end the year strong as COVID-19 continues to rattle the industry. However, this opportunity also comes with significant risk, as malicious actors are highly-motivated to exploit holes in retailers’ digital platforms for financial gain this holiday shopping season. To achieve strengthened eCommerce software security, here are four best practices retailers should implement, not just throughout the holiday shopping season, but year-round.
With the world transitioning to ecommerce, your online store is vital for ensuring your products are moving and sales are coming in. While you “can’t sell what you don’t have” in the retail world, you certainly can’t sell without a working online store in the ecommerce arena. Take the steps needed to ensure that all the goodwill and progress you made strengthening your online presence in 2020 is not wiped out in the coming year.
Cyberpion released research today showing that most (83%) of the top U.S. retailers have connections to a vulnerable third-party asset, and nearly half of them (43%) have vulnerabilities that pose an immediate cybersecurity risk.
Before the pandemic, buy online, pickup in store (BOPIS) became hugely popular to consumers who didn’t want to have to wait for items to be delivered, pay for shipping or for those that wanted to avoid shopping in store altogether. However, as retailers adopted BOPIS, its rise flipped a switch and increased opportunities for fraudsters, enabling them to use stolen credit card information to make purchases online and then simply arrive at the store to pick up the item. So what can retailers do to ensure their customers are staying safe? Here are a few things to consider:
Department store chain Kmart has suffered a cyberattack by the Egregor ransomware operation, resulting in the encryption of devices and servers connected to the company’s networks. According to Bleeping Computer, online stores continue to operate, but the 'Transformco Human Resources Site,' 88sears.com, is currently offline, leading employees to believe the outage is caused by the recent ransomware attack.
This holiday season, more consumers than ever will be shopping digitally - and cybercriminals are already capitalizing on the opportunity. Greg Foss, Senior Cybersecurity Strategist at VMware Carbon Black, looked through the dark web to find that: There’s a continued rise in e-skimming attacks in the retail sector, where attackers inject JavaScript into website payment processing pages in order to siphon credit cards and account credentials from customers.
Keeper Security has examined new challenges for the retail industry as part of its Cybersecurity in the Remote Work Era: A Global Risk Report. With the holiday season quickly approaching, Keeper Security is issuing an advisory for retailers.
The NRF Foundation launched two new credentials in its RISE Up program in response to the coronavirus pandemic. The credentials focus on Retail Operations and Customer Conflict Prevention to further ensure retail workers — and the millions of customers they serve — can work and shop more safely and help keep the economy open.
The Retail Loss Prevention and Security Association will be hosting its THINK Tank II summit virtually on October 22. The association also launched a new website that coincides with the summit.
