Hackers are ramping up their phishing and ransomware campaigns targeting the retail sector as the holiday shopping season kicks off.
The big picture: The ongoing economic downturn is prompting more shoppers to look for online discount codes and more hackers to trick these consumers with phony deals, threat analysts tell Axios.
- Ransomware gangs are also predicted to target small to medium-size businesses that could be more likely to pay off hackers to prevent an operational outage during the holiday season.
Why it matters: While the retail sector has gotten better at defending its systems against cyberattacks in recent years, no company can ever be considered completely hackproof.
- Traditional phishing lures — where hackers impersonate retailers in emails to collect consumers' login information and credit card numbers — are nearly impossible for retailers to track unless a consumer reports them.
Threat level: This year's economic downturn and the return of in-person holiday gatherings are exacerbating the existing threats that retailers have long had to fight, says Ashley Allocca, a threat analyst at cyber intelligence firm Flashpoint.
- Each year, analysts see a bump in the number of retail companies listed on ransomware extortion sites, where gangs post a list of victims they've targeted that haven't paid up yet, Allocca says.
- Phishing is also one of the "most popular hacking services advertised within illicit communities" this year, according to a report from the Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) published earlier this month.
Details: Hackers rely on employees and consumers being too busy during the holiday season to spot scam emails.
- Phishing campaigns can lead to consumers entering their credentials and credit card info into fake sites or employees accidentally downloading ransomware at their organization.
- Reports of imposter websites, which mimic well-known retailers and place fake product listings that consumers purchase, also rise during the holidays.
Flashback: Nine years ago, Target responded to a data breach affecting millions of customers' credit cards that woke the retail sector up to the cyber threats it faces.
The intrigue: Since those attacks, retailers have dedicated more resources to fighting cyber threats, and the industry has several cross-sector resources to help track and detect them.
- RH-ISAC hosts pre-holiday season workshops for retailers aimed at alerting them to the top hacking techniques, Muktar Kelati, senior director of cyber threat intelligence at RH-ISAC, tells Axios.
- Many retailers also train their customer service teams to better detect fraudulent refund callers and field calls from consumers who spot a phishing or imposter website scam, Kelati adds.
- Christian Beckner, vice president of retail technology and cybersecurity at the National Retail Federation, tells Axios most retailers now have a pre-existing relationship with the FBI, which helps companies get tips on hackers' new tactics and makes them more comfortable calling in investigators whenever they are hacked.
What they're saying: "We see a lot of groups capitalize on these world events," Allocca says about the upcoming shopping season. "People are going to be keen to spend money; they might be under pressure."
Be smart: Monitor bank statements, double-check sender emails and website URLs, and be suspicious of any deals that seem too good to be true, experts tell Axios.
- "If it feels suspicious, it probably is suspicious," Allocca says.