Guest contribution • 05.01.2023

Security for brand and shopping experience?

How retailers can protect their business from cybercriminals

There are numerous steps retailers can and should take to improve their security posture, protect their brand, and ensure a safe shopping experience for their customers during the holiday season (and beyond). Once the shopping season has begun, making extensive changes to a security program or implementing new technology is no longer possible. Nevertheless, retailers can work with existing resources to identify threats in advance and avoid disruption. 

Cloud is a Top Attack Target

Retailers continue to adopt and expand cloud-based (typically multi-cloud) workloads such as e-commerce websites, mobile apps, loyalty programs and microsites to create a convenient and personalized shopping experience for customers. However, as retailers need to quickly respond to market demands by providing their customers with new digital experiences and extending the ones already in place, mistakes and security gaps become inevitable. This presents an invitation to cybercriminals.

System intrusion is an example of a common attack scenario in retail. It usually occurs as part of a malware campaign or data capture function common commonly seen in Magecart-type attacks. These attacks exploit vulnerabilities or utilize stolen or “misplaced” credentials. This allows attackers to capture sensitive information such as passwords and credit card information from online payment forms. According to the Verizon 2022 Data Breach Investigations Report, malware attacks with a “capture app data” functionality are seven times more likely to occur in retail compared to other industries.  

When protecting data hosted in a cloud, tasks such as gaining visibility and control over potential attack surface, quickly patching vulnerabilities (or mitigating attack methods) and implementing strong API security controls are critical. In addition, retailers can benefit from a comprehensive cloud visibility solution that provides an easy-to-use dashboard for monitoring workloads across multiple clouds.

Man with short hair and in white shirt crosses arms and looks at camera....
Thorsten Henning, Director Systems Engineering DACH at Fortinet
Source: Fortinet

Protecting brand reputation requires vigilance

The customer user experience has evolved significantly over the past decade, as have e-commerce platforms themselves. Retailers understand that customers want a smoother shopping experience, more curated offerings, and a frictionless checkout process. To make it happen, they are willing to provide their data. The widespread use of content management systems (CMS) and content delivery networks (CDN) enables retailers to easily and quickly set up new websites. Yet, distinguishing between real websites and those created for fraudulent purposes can be tricky.  

Last year, Fortinet identified several fake websites at the beginning of the Christmas shopping season. One example was a popular power tools website that cybercriminals spoofed. Customers who placed orders through this fake website received counterfeit products. Attackers will continue to fake retailers’ websites as well as their social media accounts to trick customers into handing over their credit card details. This is a very profitable scam for cybercriminals.

Such cyberattacks not only damage potential customers financially, but also hurt the core of any business: its brand reputation. Although companies may not know who is behind an attack, it is of great interest to them to protect their customers. A good way to prevent these attacks is using a Digital Risk Protection Service (DRPS). Such a service provides proactive monitoring and risk analysis of a brand’s digital assets. It also gives IT security teams insight into the perspective of attackers, which allows them to stop the threats before they turn into full-scale cyberattacks.

How to protect brands and customers in pre-Christmas season

Cybercriminals are constantly searching for new opportunities to take advantage of retailers and their customers during the busiest shopping season. But if retailers are aware of the increased risks and take a proactive approach to security, they reduce the likelihood of cybercriminals ruining the holidays for them and their customers. The following measures should be kept in mind to keep the brand and customers safe:

  • Regularly reviewing and optimizing security technologies and collaborations
  • Setting the highest standards for proactive monitoring
  • Educating employees and customers on common cybersecurity practices and motivating them to report suspicious activity.

With these measures, retailers can safeguard their own brand and customers ensuring a more pleasant holiday season for all. 

Author: Thorsten Henning, Fortinet

related articles:

popular articles:

Thumbnail-Photo: K5 Future Retail Conference - Top speakers on all aspects of e-commerce...
25.05.2023   #e-commerce #retail

K5 Future Retail Conference - Top speakers on all aspects of e-commerce

20.06.2023 - 21.06.2023 | Berlin

On June 20 and 21, 2023, the ESTREL Berlin will open its doors. Top speakers and experts from e-commerce will come together at the K5 FUTURE RETAIL CONFERENCE 2023. This year, K5 is taking place under very special conditions: the ongoing ...

Thumbnail-Photo: New GS1 Germany requirements in force for better data quality...
12.06.2023   #online trading #digitization

New GS1 Germany requirements in force for better data quality

Brands facing new challenges to providing product content to German retailers through the GDSN

GS1 Germany released two new requirements impacting brands selling food/beverage (and food-adjacent) products to the German market aiming at increasing product data quality passing through the Global Data Synchronization Network (GDSN). ...

Thumbnail-Photo: Extenda Retail launches loss prevention engine...
26.05.2023   #brick and mortar retail #retail

Extenda Retail launches loss prevention engine

Industry leader in retail software development, launches a revolutionary self service and loss prevention (SSLP) solution, powered by machine learning to tackle self-service retail challenges

Retailers are increasingly offering self-serve options to in-store consumers ranging from self-checkout to self-scan, and mobile Scan & Go. And with the boom of self-service comes the inevitable increase in shrink which Forbes now estimates to ...

Thumbnail-Photo: MikMak rolls out e-commerce acceleration platform...
12.06.2023   #e-commerce #retail

MikMak rolls out e-commerce acceleration platform

Platform offers brands insights that drive business performance

MikMak, the leading e-commerce acceleration platform for multichannel brands, today announced the launch of MikMak 3.0. The enhanced platform enables commerce and conversion opportunities across every consumer touchpoint, along with more advanced ...

Thumbnail-Photo: Something is stirring on the shelf
25.05.2023   #e-commerce #brick and mortar retail

Something is stirring on the shelf

Attracting attention with animated product presentation

A few aisles, many haphazard shelves and even more competing products – how can brands stand out from the crowd? A Romanian start-up has also asked itself this question. The answer: Tokinomo, an interactive robot arm that brings products to ...

Thumbnail-Photo: Perfect Corp. and Warner Bros. partner for interactive AR movie try-on...
13.06.2023   #Tech in Retail #app

Perfect Corp. and Warner Bros. partner for interactive AR movie try-on experience

YouCam Apps launches an exclusive collection of AR movie effects for Warner Bros. The Flash

Perfect Corp., the leading AI & AR beauty and fashion tech solutions provider and developer of the YouCam Suite of Apps, has launched an interactive augmented reality (AR) movie experience for Warner Bros. Pictures’ upcoming film The Flash. ...

Thumbnail-Photo: The Top 500 European cross-border online shops...
12.04.2023   #online trading #e-commerce

The Top 500 European cross-border online shops

The "Top 500 Cross-Border Retail Europe" edition is a major compilation of cross-border data from the websites of European retailers

Cross-Border Commerce Europe has released a major research paper covering and ranking the 500 strongest European players with a focus on cross-border performance. The total online EU cross-border market generated €179.4 billion in 2022 ...

Thumbnail-Photo: The future of marketing is conversational
13.04.2023   #customer satisfaction #digitization

The future of marketing is conversational

Global survey: 88% of consumers are seeking text messaging conversations with brands

Consumers around the world are more comfortable than ever interacting with brands, when they feel they’re getting value. The annual "State of Conversational Commerce Report" from Attentive revealed 91% of consumers have already opted ...

Thumbnail-Photo: Shoptalk Europe
02.05.2023   #e-commerce #retail

Shoptalk Europe

09.05.2023 - 11.05.2023 | Barcelona, Spain

Uniting Europe's entire retail ecosystemThe biggest, most influential and rising retailers and brands across Europe and worldwide unite at Shoptalk Europe for unrivaled business-critical connections, conversations, insights and extraordinary ...

Thumbnail-Photo: In-store communication: the key is feeling good...
30.03.2023   #multichannel commerce #customer experience

In-store communication: the key is feeling good

What matters in the meantime is the optimal customer approach

"Bringing Digital Retail to Life". For Radio Point of Sale GmbH of Kiel, Germany, the slogan says it all. The company focuses on the possibilities of auditory, visual and interactive communication at the point of sale within the ...


Extenda Retail Ab
Extenda Retail Ab
Gustav III:s Boulevard 50A
169 73 Solna