Cyber Criminals Are Banking On Black Friday

With the Coronavirus pandemic keeping many people away from the high street, bargain-hunters will be relying even more on online shopping and with more businesses looking to move their business online during Black Friday and Christmas this year. In the absence of footfall in their shops, thousands of retailers will be working hard to take their offers online and give customers the opportunity to make their purchases digitally.

There will be a surge in online transactions over the next month and this will also mean a surge in attacks from hackers and other cyber criminals. 

With a total anticipated spend of around £6 billion, this sale period will be crucial for many retailers who have faced significant financial and logistical challenges throughout 2020 due to the Coronavirus pandemic. But it’s important for e-commerce businesses and consumers to be aware that they aren’t the only ones making preparations for a big November. 

Cyber criminals will also be aiming to profit from this period and looking to seize potentially lucrative opportunities at a time when they know that payment card data and personal details will be flowing through digital databases at a faster rate than ever.

In the US, Black Friday has become the biggest shopping day of the year, as the day after the Thanksgiving holiday retailers mark down their prices to kick-start the gift-buying season and get consumers spending. In the last decade, to boost online retail equally, Cyber Monday has been introduced the first Monday after Thanksgiving making US consumers go online for the best bargains.

In previous years, phishing attacks alone have seen an increase of 300% around Black Friday, putting consumers at greater risk of text, email and social media scams. Add malware, ransomware, viruses and distributed denial of service (DDoS) attacks into the mix and all of a sudden trading online can feel like a dangerous place to be.

Yet with the right preparation and attention to detail, you can have a profitable and productive Black Friday period.

What Can Be Done To Minimise The Risk Of A Cyber Attack?

If your business is trading online this November, it is important to take steps now, rather than simply ignoring the risk and hoping for the best. By putting the right measures in place, you can not only reduce the likelihood of a breach but also enhance your reputation and help customers to safeguard themselves. Communication is key and letting your customers know you are vigilant in cyber security will actually build customer confidence in the process. Alert them to your security and privacy procedures and tell them what you are doing to safeguard them. 

If you discover that scammers are using your brand to target customers, issue a prompt warning and urge them to check that any links used to your website are legitimate. If you find and isolate those scams before your customers do, then all the better. For that you will need professional help.

With time running short a good step to take is to scan your digital assets for vulnerabilities now and test your defences so you know where you need to improve. 

This is known in cyber security as Penetration Testing. Using real world experience of all types of attack, highly qualified professionals can put your website through its paces to ensure that it’s fit for purpose. By mimicking the type of attacks carried out by potential hackers, a penetration tester can explore and recommend necessary improvements before an attacker finds them.

There is no doubt that businesses around the globe will be more dependent on e-commerce than ever before this Black Friday. Given the events of the last few months we all hope that it’s a successful one for businesses that have struggled to trade through the uncertainty of 2020. 

BDaily:        Mirror:       Finance Digest:      Guardian:

If you have any concerns about the resilience of your online presence against the threat of a cyber attack, now would certainly be the time to consult an expert you can trust. Check out our free access Cyber Security Service Supplier Directory to find the right expertise in your location: 

Directory Listings: Pentesting & Security Assessments

You Might Also Read: 

Cybercrime In Britain Does Serious Harm:

 

 

« Trump Fires National Cyber Security Chief
CYRIN Cyber Alert - Test-Drive The CYRIN Cyber Range »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Andrisoft

Andrisoft

Andrisoft develops WANGUARD, an anti-DDoS Software solution that monitors IP traffic using packet-based and flow-based Sensors, and protects networks

Aqua Security Software

Aqua Security Software

Aqua Security helps enterprises secure their cloud native applications from development to production, whether they run using containers, serverless, or virtual machines.

(ISC)2

(ISC)2

(ISC)² is an international, nonprofit membership association for information security leaders. Our information security certifications are recognized as the global standard for excellence.

X-act Forensics

X-act Forensics

X-act forensics are computer forensic experts with experience in cases of computer fraud, intellectual property theft, and social networking cases.

Geobridge

Geobridge

Geobridge is a leading information security and compliance provider for retail, financial services, healthcare, manufacturing and government markets

Dcoya

Dcoya

Dcoya's complete security awareness training program gives you out-of-the-box compliance with PCI-DSS, HIPAA, SOX and ISO regulations.

Intersec Worldwide

Intersec Worldwide

Intersec Worldwide is a boutique Information Security Firm specializing in PCI Compliance, Assessment, Remediation, Forensics, Data Breach Investigations, Incident Response and IT Managed Services.

Swiss Accreditation Service (SAS)

Swiss Accreditation Service (SAS)

SAS is the national accreditation body for Switzerland. The directory of members provides details of organisations offering certification services for ISO 27001.

LinkUp

LinkUp

LinkUp is a leading data-driven job search company. Every day we index millions of job openings directly from employer websites.

S2S Group

S2S Group

S2S Group specialise in the destruction and management of IT assets at the end of the lifecycle.

Adzuna

Adzuna

Adzuna is a search engine for job ads used by over 10 million visitors per month that aims to list every job everywhere, including thousands of vacancies in Cybersecurity.

BluBracket

BluBracket

BluBracket is the first comprehensive security solution that makes code safe—so developers can innovate and collaborate, and security teams can sleep at night.

Eureka Technology Partners

Eureka Technology Partners

Eureka Technology Partners are committed to helping you focus on your business by taking care of your IT infrastructure and data security needs.

Thoma Bravo

Thoma Bravo

Thoma Bravo is a leading private equity firm with a 40+ year history and a focus on investing in software and technology companies.

Onclave Networks

Onclave Networks

Onclave Networks is a global cybersecurity leader, transforming the future of securing all IT/OT devices and systems.

Infinidat

Infinidat

Infinidat delivers enterprise-proven solutions for data storage, data protection, business continuity, and sovereign cloud storage.