News • 12.07.2019

5 tips for retailers to protect their online customers

Amazon Prime Days inspire cybercriminals to shop for victims

Fingers typing on a keyboard, picture colored in dark red; copyright:...
Source: panthermedia.net/Stevanovicigor

Amazon Prime Days is a summer rerun of Black Friday, Cyber Monday, and Christmas shopping – significant price reductions together with a concurrent increase of threat actor activity in the deep and dark web. Looking back, the December 2018 holiday shopping season generated 30 percent higher than usual threat traffic. Based on monitored Dark Web chatter, CyberInt Research expects similar results leading up to Amazon Prime Days and the days following.

To protect against threat actors using their brands to lure customers, retailers can follow these instructions:

Monitor subdomains

  • Identify abandoned subdomains that may be claimed by threat actors and used for phishing, social engineering, and session hijacking.
  • Claim domains with high similarity to yours that may mislead clients and be used by threat actors – for example Wallmart or Targett.
  • Raise awareness among employees and customers regarding phishing attacks via email and websites

Promote your own apps

Apps mimicking the look and functionality of your brand’s official mobile app can trick users to install it and may cause a variety of malicious actions.

  • Constantly seek out the fake apps and have them removed immediately.
  • Recommend that your clients only download apps from recognized mobile app stores, such as Apple App Store, Google Play, and Amazon Appstore.

Check logins

Due to the significant increase in shopping traffic, it’s easier for cybercriminals to disguise their actions. Account checkers and credential stuffing attacks, which predominantly exploit password reuse across sites and use compromised data from third parties to attempt to access your service, are expected to increase during the next week or so.

  • Limit the number of accounts that can be registered from one IP address in a certain period of time.
  • Consider IP monitoring, blacklists, and restrict automated processes by using geo-location and/or IP address block lists to restrict access to only valid IP address ranges.
  • Limit the number of login attempts per HTTP client.

Examine fraudulent activities

Retailers regularly face fraudulent refunds and inventory manipulation.

  • Monitor your online assets to identify threats.
  • Automatically cancel orders involved in fraudulent activity.
  • Block accounts identified as the cause of these fraudulent activities.
  • Have a strict return policy in place.
  • Build and maintain a set of rules to identify fraudulent accounts and requests so you can block them before they are approved.

Educate your employees

Unfortunately, in many situations, employees are the weakest link and fall prey to social engineering attacks, like spear phishing. Employees with access to sensitive data need to be educated about the rising risks during peak shopping times.

  • Increase customer awareness about the risks of password reuse, phishing, and brand appropriation.
  • Install an AI solution to analyze behavior of normal customer connections to detect anomalous activities, with automated mitigation such as prompting the customer for an additional authentication.
  • Invest in threat intelligence monitoring to detect credential dumps from third-party compromises before they become actual threats, giving them time to audit their own customers’ accounts for potential password reuse and allow for proactive measures to be taken, for example, forcing password changes and/or advising customers of the potential breach and dangers of password reuse.
  • Managed threat intelligence monitoring can take investigations further to expose the threat actors’ identities, uncovering exact methods and techniques to try to prevent future fraudulent activities.
Source: CyberInt

related articles:

popular articles:

Thumbnail-Photo: Goodbye paper receipts: All documents stored in one app...
16.05.2019   #epos systems #cashpoints, cash register, cash desk

Goodbye paper receipts: All documents stored in one app

What happens when the Receipt Provision Ordinance takes effect? We digitize!

They create a lot of work and endless waste: tons of paper receipts from cash registers end up with customers or the waste bin every day. In early 2020, all consumers must be given a purchase receipt in Germany. That’s what the law mandates. ...

Thumbnail-Photo: Using digital data to drive brick-and-mortar retail success...
31.01.2019   #brick and mortar retail #data analysis

Using digital data to drive brick-and-mortar retail success

Advanced Outlet Analytics

When it comes to using and analyzing relevant data, brick-and-mortar retail lags behind its online competition. While e-commerce retailers use detailed data from web analytics, CRM, and Google searches to analyze user behavior and generate ...

Thumbnail-Photo: Online inventory management system
06.05.2019   #online trading #e-commerce

Online inventory management system

5 things e-commerce retailers should look for

In order to perform online efficiently as an Internet retailer, one needs to choose the most effective inventory management system. Its main features should include centralised user interface, full automation, automated stock checking and ...

Thumbnail-Photo: CIE 2019: Chinas premier B2B trade show
04.03.2019   #e-commerce #event

CIE 2019: China's premier B2B trade show

5th International Internet and E-commerce Expo in Shenzhen

CIE 2019, the 5th China (Shenzhen) International Internet and E-commerce Expo, is the premier B2B trade show in China that focuses specifically on internet technologies and e-commerce as well as the related industries. More than 400 exhibitors ...

Thumbnail-Photo: Posiflex: interactive self-service kiosk systems for the POS...
21.02.2019   #kiosk terminals #self service terminals

Posiflex: interactive self-service kiosk systems for the POS

Going through changes and coming out stronger - Posiflex aquisitions

Thumbnail-Photo: Cameras, comfort and Artificial Intelligence...
09.04.2019   #security #cashpoints, cash register, cash desk

Cameras, comfort and Artificial Intelligence

Video: What self-checkout systems can already offer today

Self-checkout systems are enjoying ever greater acceptance and are regarded as an important future topic for retailers and customers. ...

Thumbnail-Photo: E-commerce: AI-powered translations revitalize business...
29.04.2019   #online trading #e-commerce

E-commerce: AI-powered translations revitalize business

Interview with Boris Zielonka, Director Marketing & Sales, Eurotext AG

Retailers who set up an online store can expand their business – especially if they create a multilingual content strategy.As a language and translation service, Eurotext AG supports retailers in this endeavor. From this conversation with ...

Thumbnail-Photo: Quality and great experiences at irma in Illum...
18.04.2019   #electronic shelf labels (ESL) #labels

Quality and great experiences at irma in Illum

A store with all the best

The customers wanted Irma back and they got that. After two years of absence, Irma has once again opened a store in the basement of ILLUM department store in the late summer of 2018. The new Irma store offers high quality and extra good experiences ...

Thumbnail-Photo: APG Cash Drawer: new SMARTtill business development manager...
15.05.2019   #cash management #cash handling systeme

APG Cash Drawer: new SMARTtill business development manager

APG Cash Drawer announces hire of SMARTtill business development manager

APG Cash Drawer, a fast-growing global manufacturer of cash management solutions, announced today the addition of Tony Pusateri as SMARTtill Business Development Manager. ...

Thumbnail-Photo: Self-service sells
08.02.2019   #touch screens #kiosk terminals

Self-service sells

Kiosks represent an important part of retail’s future

Self-service is growing exponentially in all areas of retail, hotels, restaurants, healthcare and banking environments. Customers increasingly expect self-service technology options and traditional brick-and-mortar stores are no exception. Retailers ...

Supplier

LANCOM Systems GmbH
LANCOM Systems GmbH
Adenauerstraße 20 / B2
52146 Würselen
POSIFLEX GmbH
POSIFLEX GmbH
Flinger Broich 203
40235 Düsseldorf
MobiMedia AG
MobiMedia AG
Rottpark 24
84347 Pfarrkirchen
iXtenso - Magazin für den Einzelhandel
iXtenso - Magazin für den Einzelhandel
Celsiusstraße 43
53125 Bonn
Elo Touch Solutions NV
Elo Touch Solutions NV
Kolonel Begaultlaan 1C11
3012 Leuven
APG Cash Drawer
APG Cash Drawer
4 The Drove
BN9 0LA Newhaven
EUROEXPO Messe- und Kongress-GmbH
EUROEXPO Messe- und Kongress-GmbH
Joseph-Dollinger-Bogen 9
80807 München
Delfi Technologies GmbH
Delfi Technologies GmbH
Landgraben 75
24232 Schönkirchen
ROQQIO Commerce Solutions GmbH
ROQQIO Commerce Solutions GmbH
Harburger Schloßstraße 28
21079 Hamburg