Cyber criminals eye Black Friday
Black Friday is just around the corner, and it is not only retailers and consumers that are looking forward to the start of the shopping season. Cyber criminals are also eyeing the proliferation of mobile shopping apps as potentially lucrative attack opportunities.
So says Rusty Carter, VP of product management at Arxan, adding that consumers caught up in the excitement of a bargain do not think about cyber security.
"It is this type of distraction that opens shoppers up to multiple risks."
He adds that the increasing range of mobile commerce services brings new risks. Business transactions via the Web and mobile applications, either payment transactions or the transmission of sensitive personal data, are particularly susceptible to manipulation and open a range of possibilities for fraud and data theft.
"Fake apps have also become a problem for mobile online commerce," notes Carter. Carefully crafted to appear authentic, counterfeit apps appear as the official ones for well-known brands, fooling unsuspecting consumers in a variety of ways.
"More worryingly, these fake apps are published on official app stores such as Google Play and Apple's App Store. Not only does this leave consumers vulnerable to attack and data exposure, but it also has the potential to damage the reputation of the organisation whose apps are being imitated."
"We already know retailers continue to be a hot target for hackers," he says. "Take the ongoing threat of the payment card-skimming malware operation called Magecart, which has already had success in the retail sphere with attacks on TechRabbit, Kitronik and others."
The latest victim of Magecart is Shopper Approved, a toolkit employed by hundreds of e-commerce sites, which became infected with Magecart spyware, allowing criminals to steal bank card data entered into Web pages using the customer-rating plugin. Similar attacks were recently committed against Ticketmaster and British Airways.
"The recent wave of attacks is placing a stronger emphasis on what we already know," adds Carter. "Software vulnerabilities, incorrect configuration and other holes in defences are not going away, and attackers can use a company's own software against it and its customers."
He says while existing best practices continue to be relevant, there are additional security measures that should be taken to address specific attacks such as Magecart, and protect customers.
Companies should implement mechanisms and controls that continually monitor code for injection and detect when the code is being modified. Once an attack is detected, these same mechanisms can provide real-time alerts and trigger processes to deactivate accounts, remove malware and nullify any progress made by attackers.
"We can expect to see a potential wave of attacks this holiday shopping season, with attackers capitalising on the weaknesses discovered as well as the low likelihood of the rapid adoption of application protection at the browser and mobile endpoint.
"With this in mind, organisations need to take action now to protect themselves and ensure they and their customers are not the next victims."