News • 12.07.2019

5 tips for retailers to protect their online customers

Amazon Prime Days inspire cybercriminals to shop for victims

Fingers typing on a keyboard, picture colored in dark red; copyright:...
Source: panthermedia.net/Stevanovicigor

Amazon Prime Days is a summer rerun of Black Friday, Cyber Monday, and Christmas shopping – significant price reductions together with a concurrent increase of threat actor activity in the deep and dark web. Looking back, the December 2018 holiday shopping season generated 30 percent higher than usual threat traffic. Based on monitored Dark Web chatter, CyberInt Research expects similar results leading up to Amazon Prime Days and the days following.

To protect against threat actors using their brands to lure customers, retailers can follow these instructions:

Monitor subdomains

  • Identify abandoned subdomains that may be claimed by threat actors and used for phishing, social engineering, and session hijacking.
  • Claim domains with high similarity to yours that may mislead clients and be used by threat actors – for example Wallmart or Targett.
  • Raise awareness among employees and customers regarding phishing attacks via email and websites

Promote your own apps

Apps mimicking the look and functionality of your brand’s official mobile app can trick users to install it and may cause a variety of malicious actions.

  • Constantly seek out the fake apps and have them removed immediately.
  • Recommend that your clients only download apps from recognized mobile app stores, such as Apple App Store, Google Play, and Amazon Appstore.

Check logins

Due to the significant increase in shopping traffic, it’s easier for cybercriminals to disguise their actions. Account checkers and credential stuffing attacks, which predominantly exploit password reuse across sites and use compromised data from third parties to attempt to access your service, are expected to increase during the next week or so.

  • Limit the number of accounts that can be registered from one IP address in a certain period of time.
  • Consider IP monitoring, blacklists, and restrict automated processes by using geo-location and/or IP address block lists to restrict access to only valid IP address ranges.
  • Limit the number of login attempts per HTTP client.

Examine fraudulent activities

Retailers regularly face fraudulent refunds and inventory manipulation.

  • Monitor your online assets to identify threats.
  • Automatically cancel orders involved in fraudulent activity.
  • Block accounts identified as the cause of these fraudulent activities.
  • Have a strict return policy in place.
  • Build and maintain a set of rules to identify fraudulent accounts and requests so you can block them before they are approved.

Educate your employees

Unfortunately, in many situations, employees are the weakest link and fall prey to social engineering attacks, like spear phishing. Employees with access to sensitive data need to be educated about the rising risks during peak shopping times.

  • Increase customer awareness about the risks of password reuse, phishing, and brand appropriation.
  • Install an AI solution to analyze behavior of normal customer connections to detect anomalous activities, with automated mitigation such as prompting the customer for an additional authentication.
  • Invest in threat intelligence monitoring to detect credential dumps from third-party compromises before they become actual threats, giving them time to audit their own customers’ accounts for potential password reuse and allow for proactive measures to be taken, for example, forcing password changes and/or advising customers of the potential breach and dangers of password reuse.
  • Managed threat intelligence monitoring can take investigations further to expose the threat actors’ identities, uncovering exact methods and techniques to try to prevent future fraudulent activities.
Source: CyberInt

related articles:

popular articles:

Thumbnail-Photo: RetailTech Lab opened a national test center in Denmark...
23.06.2020   #payment systems #marketing research

RetailTech Lab opened a national test center in Denmark

The store of the future has opened in Lyngby. One of the partners is the IT company Delfi Technologies.

On June 16, 2020, RetailTech Lab opened its doors to a national test center in the Danish mall “Lyngby Storcenter”. New technology for the retail industry will be tested in close interaction between entrepreneurs, retailers and ...

Thumbnail-Photo: All knitted and sewn up: an online yarn retailer takes a stationary...
13.07.2020   #online trading #brick and mortar retail

All knitted and sewn up: an online yarn retailer takes a stationary foothold

iXtenso’s interview with Joachim Hansen, retail manager at Hobbii

It’s all about yarn at Hobbii. From now on, the Danish retailer does not just sell exclusively online but also in physical stores. Joachim Hansen describes how digitization and personal contact interact in the retail stores. ...

Thumbnail-Photo: Interface for quick serial emulation and enhanced mPOS integration...
26.06.2020   #POS systems #software applications

Interface for quick serial emulation and enhanced mPOS integration

APG expands mobile interface portfolio to enhance connectivity options at the point of sale

APG Cash Drawer, a fast-growing global manufacturer of cash management solutions, announced today the release of a new USB interface option: the 485 USBProLite™ USB to Serial Emulation Interface. This interface solution extends the ...

Thumbnail-Photo: Digital access controls support distancing requirements in the era of...
06.07.2020   #brick and mortar retail #retail

Digital access controls support distancing requirements in the era of Corona

Essential staff are relieved and the risk of infection is reduced

Since the beginning of the pandemic, larger supermarkets and discounters have been imposing entrance restrictions to ensure that only a certain number of people are allowed within their Stores. Usually the access management is carried out by ...

Thumbnail-Photo: Quantity discount on the WIMIsys PT51!
05.08.2020   #POS systems #displays

Quantity discount on the WIMIsys PT51!

From now until September 30th: 10% discount on the WIMIsys PT51 POS System when purchased together with a Swissbit TSE solution

Are you looking for TSE compliant POS solution for your customers in bakery, restaurant or retail shop? ...

Thumbnail-Photo: Payment and retail - what happens after the crisis?...
09.07.2020   #brick and mortar retail #payment systems

Payment and retail - what happens after the crisis?

Interview with Christine Bauer from CCV

We ask Christine Bauer, Vice President International Sales of the payment service provider CCV, which has been firmly established in Germany for 25 years and internationally for 60 years.Mrs Bauer, CCV has been on the market for a very long time, ...

Thumbnail-Photo: Bright future for Copenhagen-based Irma Store...
15.06.2020   #electronic shelf labels (ESL) #price labelling

Bright future for Copenhagen-based Irma Store

Automatic price updates with ESL

Irma Smedetoften is located in the heart of Copenhagen's Northwest Quarter. The area around the Irma store is part of an urban development project where, among other things, the local trade district will be strengthened. Irma has also recently ...

Thumbnail-Photo: “Dear shopping cart, please show me the way!“...
06.07.2020   #self-checkout systems #scanner

“Dear shopping cart, please show me the way!“

Shopping Cart 2.0 – gimmick or idea with intrinsic value?

Not all shopping carts are the same... far from it! Digitization and automation also put their stamp on this aspect of the retail sector. What’s usually a plain, large basket on wheels that makes it easier for shoppers to transport products ...

Thumbnail-Photo: eBay’s management of payments begins scaling globally...
24.07.2020   #online trading #e-commerce

eBay’s management of payments begins scaling globally

Payments initiative reaches a milestone as the Operating Agreement with PayPal expires

Starting today (July 20th), eBay will begin expanding its management of payments around the globe. The company embarked on its journey to manage the end-to-end payments process on its marketplace platform in late 2018 and is already seeing success ...

Thumbnail-Photo: Disposition and shelf maintenance in times of Corona...
19.08.2020   #POS marketing #shop equipment

Disposition and shelf maintenance in times of Corona

Tools for shelf management

The CPG industry is currently experiencing turbulent times just as much as retail. Challenges such as the ban on field sales force visits or the sudden increase in demand for some articles, which leads to gaps in the shelf and loss of sales, are ...

Supplier

CCV GmbH
CCV GmbH
Gewerbering 1
84072 Au i.d.Hallertau
SALTO Systems GmbH
SALTO Systems GmbH
Schwelmer Str. 245
42389 Wuppertal
Delfi Technologies GmbH
Delfi Technologies GmbH
Landgraben 75
24232 Schönkirchen
Apostore GmbH
Apostore GmbH
Uferstraße 10
45881 Gelsenkirchen
POS TUNING Udo Voßhenrich GmbH & Co KG
POS TUNING Udo Voßhenrich GmbH & Co KG
Am Zubringer 8
32107 Bad Salzuflen
APG Cash Drawer
APG Cash Drawer
4 The Drove
BN9 0LA Newhaven
Poindus HQ - Taiwan
Poindus HQ - Taiwan
5F., No.59, Ln. 77, Xing-Ai Rd.,Neihu Dist.
Taipei City 114
Reflexis Systems GmbH
Reflexis Systems GmbH
Kokkolastr. 5-7
40882 Ratingen
Adasys GmbH – a Poindus Company
Adasys GmbH – a Poindus Company
Max-Planck-Straße 10
70806 Kornwestheim