Cybersecurity and the Holiday Shopping Season [Weekly Cybersecurity Brief]

It’s that time of year again when we scramble to buy holiday gifts for our loved ones and hunt for the best deals. With events like Black Friday and Cyber Monday upon us, though, also comes a renewed sense of cybersecurity dread. Politico recently referenced an assessment that found nearly 60% of the retail sector is at a “heightened risk” for ransomware attacks. Considering this threat, experts are on high alert and sharing their tips for avoiding problems.

As InfoSecurity Magazine reports, online payment fraud increased by 208% between September and October 2021. The same article also shared that cybersecurity company Kaspersky concluded that there were “1,935,905 financial phishing attacks disguised as e-payment systems in October 2021” and 221,745 spam emails pretending to be Black Friday messages. While such numbers do tend to spike during this season, Tatyana Shcherbakova, security expert at Kaspersky, explained that the focus on e-payment systems sets this year’s figures apart.

Also distinguishing this year’s concerns are matters associated with the pandemic. In a quote for WTOP, Christina Miranda with the Division of Consumer Business Education at the Federal Trade Commission (FTC) stated, “Reports about online shopping issues aren’t new for the Federal Trade Commission, but the supply chain issues related to the pandemic have made matters much, much worse.” Therefore, she and other professionals are suggesting maintaining a sense of awareness of fake websites posing as real outlets. If you aren’t familiar with the site, the FTC recommends researching it for any reviews or reported scams. Virginia Tech cybersecurity expert Aaron Brantly provided WTOP with some guidelines as well. Brantly said to make sure that the websites you are browsing include an “SSL,” which typically shows up as a lock icon, and to refrain from reusing the same passwords that are used for other online activity like banking.

While personal and consumer cybersecurity safety is of particular interest during this time, we also know that other sectors continue to face concerns, particularly with supply chain effects. In additional cybersecurity news this week, Vestas Wind Systems A/S reported that it was forced to shut down IT systems following a cybersecurity incident. As one of the world’s biggest wind turbine makers, the issue has the potential to impact “customers, employees and other stakeholders,” as well as production according to the company. However, Vestas told Bloomberg that existing turbines and their maintenance have not been disrupted.

Key Takeaways:

“Online Payment Fraud Surges by 208% Ahead of Black Friday” – James Coker, InfoSecurity Magazine

https://www.infosecurity-magazine.com/news/online-payment-fraud-black-friday/

  • Online payment fraud increased by 208% between September and October 2021.
  • Cybersecurity company Kaspersky concluded that there were “1,935,905 financial phishing attacks disguised as e-payment systems in October 2021” and 221,745 spam emails pretending to be Black Friday messages.
  • Tatyana Shcherbakova, security expert at Kaspersky, explained that the focus on e-payment systems sets this year’s figures apart.

“Virginia Tech cybersecurity expert on how to avoid online shopping scams this holiday season” – Kristi King, WTOP

https://wtop.com/cyber-security/2021/11/virginia-tech-cybersecurity-expert-on-how-to-avoid-online-shopping-scams-this-holiday-season/

  • Christina Miranda with the Division of Consumer Business Education at the Federal Trade Commission (FTC) stated, “Reports about online shopping issues aren’t new for the Federal Trade Commission, but the supply chain issues related to the pandemic have made matters much, much worse.”
  • If you aren’t familiar with a  website, the FTC recommends researching it for any reviews or reported scams.
  • Virginia Tech cybersecurity expert Aaron Brantly also suggests making sure that the websites you are browsing include an “SSL,” which typically shows up as a lock icon, and to refrain from reusing the same passwords that are used for other online activity like banking.

“Vestas Shuts Some IT Systems After Cyber Security Incident” – Will Mathis and Swetha Gopinath, Bloomberg

https://www.bloomberg.com/news/articles/2021-11-20/vestas-shuts-down-some-it-systems-after-cyber-security-incident

  • Vestas Wind Systems A/S reported that it was forced to shut down IT systems following a cybersecurity incident.
  • As one of the world’s biggest wind turbine makers, the issue has the potential to impact “customers, employees and other stakeholders,” as well as production according to the company.
  • Existing turbines and their maintenance have not been disrupted.
Share

You Might Also Like...