News • 12.07.2019

5 tips for retailers to protect their online customers

Amazon Prime Days inspire cybercriminals to shop for victims

Fingers typing on a keyboard, picture colored in dark red; copyright:...
Source: panthermedia.net/Stevanovicigor

Amazon Prime Days is a summer rerun of Black Friday, Cyber Monday, and Christmas shopping – significant price reductions together with a concurrent increase of threat actor activity in the deep and dark web. Looking back, the December 2018 holiday shopping season generated 30 percent higher than usual threat traffic. Based on monitored Dark Web chatter, CyberInt Research expects similar results leading up to Amazon Prime Days and the days following.

To protect against threat actors using their brands to lure customers, retailers can follow these instructions:

Monitor subdomains

  • Identify abandoned subdomains that may be claimed by threat actors and used for phishing, social engineering, and session hijacking.
  • Claim domains with high similarity to yours that may mislead clients and be used by threat actors – for example Wallmart or Targett.
  • Raise awareness among employees and customers regarding phishing attacks via email and websites

Promote your own apps

Apps mimicking the look and functionality of your brand’s official mobile app can trick users to install it and may cause a variety of malicious actions.

  • Constantly seek out the fake apps and have them removed immediately.
  • Recommend that your clients only download apps from recognized mobile app stores, such as Apple App Store, Google Play, and Amazon Appstore.

Check logins

Due to the significant increase in shopping traffic, it’s easier for cybercriminals to disguise their actions. Account checkers and credential stuffing attacks, which predominantly exploit password reuse across sites and use compromised data from third parties to attempt to access your service, are expected to increase during the next week or so.

  • Limit the number of accounts that can be registered from one IP address in a certain period of time.
  • Consider IP monitoring, blacklists, and restrict automated processes by using geo-location and/or IP address block lists to restrict access to only valid IP address ranges.
  • Limit the number of login attempts per HTTP client.

Examine fraudulent activities

Retailers regularly face fraudulent refunds and inventory manipulation.

  • Monitor your online assets to identify threats.
  • Automatically cancel orders involved in fraudulent activity.
  • Block accounts identified as the cause of these fraudulent activities.
  • Have a strict return policy in place.
  • Build and maintain a set of rules to identify fraudulent accounts and requests so you can block them before they are approved.

Educate your employees

Unfortunately, in many situations, employees are the weakest link and fall prey to social engineering attacks, like spear phishing. Employees with access to sensitive data need to be educated about the rising risks during peak shopping times.

  • Increase customer awareness about the risks of password reuse, phishing, and brand appropriation.
  • Install an AI solution to analyze behavior of normal customer connections to detect anomalous activities, with automated mitigation such as prompting the customer for an additional authentication.
  • Invest in threat intelligence monitoring to detect credential dumps from third-party compromises before they become actual threats, giving them time to audit their own customers’ accounts for potential password reuse and allow for proactive measures to be taken, for example, forcing password changes and/or advising customers of the potential breach and dangers of password reuse.
  • Managed threat intelligence monitoring can take investigations further to expose the threat actors’ identities, uncovering exact methods and techniques to try to prevent future fraudulent activities.
Source: CyberInt

related articles:

popular articles:

Thumbnail-Photo: Self-Service for the ultimate customer experience...
19.02.2020   #brick and mortar retail #self-checkout systems

Self-Service for the ultimate customer experience

EuroShop 2020: iXtenso spoke with Diebold Nixdorf

Diebold Nixdorf as a leader in connected commerce offers innovative technologies for the optimized mix of self-service and checkout systems. With the program Storerevolution™ their solutions are a benefit for customers and retailers at the ...

Thumbnail-Photo: Automated delivery services sprang up during China’s Covid-19 lockdown...
03.06.2020   #coronavirus #delivery

Automated delivery services sprang up during China’s Covid-19 lockdown

Retail technologies at Smart Retail Expo (SRE 2020)

In response to the Covid-19 outbreak, China’s retail giants JD.com and Meituan both deployed their smart deliver robots/vehicles in heavily locked down cities, such as Wuhan and Beijing. Insiders believe automated delivery technology will be ...

Thumbnail-Photo: Stay safe with VariPOS
11.05.2020   #cashpoints #terminals

Stay safe with VariPOS

How technology helps – Stay safe at the point of sale

Technologies for product identification and payment authentication are great for improving the customer experience with speed and accuracy, but these technologies are also being seen as beneficial in the wake of the Coronavirus Pandemic. ...

Thumbnail-Photo: Consumer survey: social distancing is changing shopping habits...
10.04.2020   #brick and mortar retail #payment systems

Consumer survey: social distancing is changing shopping habits

Touchless or self-checkout options preferred for instore shopping during COVID-19 pandemic

Nearly two-thirds of consumers are changing their grocery shopping habits in response to the worldwide COVID-19 pandemic, according to a recent consumer survey from Shekel, pioneers in advanced weighing technologies. And 87 percent of shoppers say ...

Thumbnail-Photo: The safety barrier you need right now
02.06.2020   #customer satisfaction #security

The safety barrier you need right now

Poindus ProShield is an effective protection screen.

Safeguards like social distancing implemented in-store during staff-customer interactions are enhanced with our ProShield, an effective protection screen that provides an additional layer of protection for cashiers & customers at the point of ...

Thumbnail-Photo: Contactless? Cross-channel? Consumer-friendly?...
11.05.2020   #mobile payment #payment systems

Contactless? Cross-channel? Consumer-friendly?

Things to look for in a payment solution

Whether it’s e-commerce, point of sale, or mobile payment: we have to pay for our purchase. But what do customers want and expect from a payment solution? How can retailers meet these expectations and are self-checkouts really a faster option ...

Thumbnail-Photo: The cash register capable of everything
18.02.2020   #customer satisfaction #epos systems

The cash register capable of everything

Flexible use from manned checkout to self-checkout point

Customers walking through the store with their own cash register on hand? This versatility of shop technology and shop fittings corresponds to the change in brick and mortar retail. MAGO wants to help retailers to meet this challenge with ...

Thumbnail-Photo: Cutting through the tax jungle
25.02.2020   #online trading #e-commerce

Cutting through the tax jungle

Startup helps online retailers to be fully compliant with European VAT regulations

Anyone who sells goods online is obliged to pay value-added tax (VAT). The amount depends on the respective national regulations. But what happens if you have cross-border exports and transactions? How much VAT do sellers have to pay in this case ...

Thumbnail-Photo: Our bot is happy to assist you
31.03.2020   #consulting #customer relationship management

Our bot is happy to assist you

Chatbots and AI virtual assistants automate customer service

Chatbots and virtual assistants – some think they are creepy, others consider them a part of daily life. Either way, they patiently answer frequently asked questions related to the opening hours of the nearest supermarket.By now, some ...

Thumbnail-Photo: Promotions and new product launches
04.06.2020   #product presentation #coronavirus

Promotions and new product launches

Challenge for CPG companies in the Corona crisis

The industry is also affected by the Corona crisis, although retail store were always open and some products were allowed to experience a real boost in sales through so-called hoarding. But there are very big challenges in this time. On the one ...

Supplier

POS TUNING Udo Voßhenrich GmbH & Co KG
POS TUNING Udo Voßhenrich GmbH & Co KG
Am Zubringer 8
32107 Bad Salzuflen
Checkpoint Systems GmbH
Checkpoint Systems GmbH
Ersheimer Str. 69
69434 Hirschhorn a. Neckar
Poindus HQ - Taiwan
Poindus HQ - Taiwan
5F., No.59, Ln. 77, Xing-Ai Rd.,Neihu Dist.
Taipei City 114
APG Cash Drawer
APG Cash Drawer
4 The Drove
BN9 0LA Newhaven
HappyOrNot
HappyOrNot
Innere Kanalstraße 15
50823 Köln
GLORY Global Solutions (Germany) GmbH
GLORY Global Solutions (Germany) GmbH
Thomas-Edison-Platz 1
63263 Neu-Isenburg
Saint Gobain Sovis
Avenue de la Republique
2407 Chateau Thierry Cedex
Nagarro Allgeier ES GmbH
Nagarro Allgeier ES GmbH
Westerbachstr. 32
61476 Kronberg im Taunus
MAGO S.A.
RUSIEC ALEJA KATOWICKA 119/121
05-830 Nadarzyn
Diebold Nixdorf
Diebold Nixdorf
Heinz-Nixdorf-Ring 1
33106 Paderborn