The holiday season brings snow (we hope), Christmas, a New Year and lots of online shopping, which is quickly getting more popular, simpler and convenient. Shopping for Christmas gifts and then trying to grab a bargain during the following sale makes this season a time when world online stores do what they can to sell as much as possible.
Unfortunately, some people have devious schemes in mind and target times of happiness and sorrow to execute them. From terrorist attack to cyber-crime we find a similar trend, Christmas and the New Year is no different.
Today, online shopping which often offers insufficient control has put both customers and retailers at risk of security breaches; especially true for retailers considering the amount of information they are sitting on. Cyber-criminals take advantage of these events and shopping spikes, e.g., by placing a malware in passive mode on a victim’s network to self-execute at a given time, like the day before Christmas. This scenario can be used for DDOS extortion and can be very successful, since no one wants to have their ecommerce site down during crazy shopping days.
These kinds of cyber-crimes put customers at risk as well, by redirecting them to fake stores, compromised ecommerce site and collecting their personal data with malice.
During the holidays, retailers open up their networks to load and volume. Security boundaries are stretched and controls are loosened to accommodate for more sales and customers. And, cyber-criminals join the game as well, especially those who fly under the radar for whom it is the perfect time to hide an attack or fraudulent attempt under transaction volumes.
There is a lot left to be done to stop these kinds of attacks and fraudulent attempts. Personal information should be more controlled and protected. Great care should be taken when handing over credit card or personal data. And, not the least, customers should be more aware of the risks.