Retailers Prepare for Increased Cyber Attacks During Prime Day

Cyber security experts are warning of increased phishing, ransomware, and social engineering attacks during Amazon’s Prime Day event this week, as more hackers take advantage of the event’s popularity to send credential harvesting emails to unsuspecting consumers. With the frequency of these attacks on the rise, multi-location retailers are beefing up their own digital security protocols and using external marketing channels to distribute warnings to their customers.

“We always see a spike in the occurrence of these types of crimes around the same major shopping holidays — Prime Day, Black Friday, Cyber Monday, Christmas,” says Lisa Plaggemier, interim executive director of the National Cybersecurity Alliance. “As the lines between brick-and-mortar and e-commerce shopping have blurred over the last couple of years and most transactions happen online, bad actors have a larger pool of consumers to go after.”

Retail and wholesale businesses saw a 400% increase in phishing attempts over the past year — the most of any industry, including financial and government sectors. 

According to Check Point Research, there was a 37% jump in Amazon-related phishing attacks at the start of this month compared with the daily average for June. Additionally, almost 1,900 new domains using the term “Amazon” launched in June, and nearly one-in-10 of those domains were found by Check Point to be malicious or suspicious.

“Bad actors capitalizing on ‘e-tail holidays’ like Prime Day are largely motivated by financial gain,” Plaggemier says. “[They’re] relying, and preying on, the average user’s ignorance of basic cybersecurity hygiene to get their hands on actionable PII (personally identifiable information) like passwords and credit card numbers.”

Phishing emails lure victims by posing as retailers or brands and distributing malicious links or attachments. Plaggemier says phishing attacks are the most prevalent type of cyber crime during Prime Day, with most of these attacks designed to deceive people into unknowingly giving up sensitive personal information. 

Social engineering attacks work somewhat differently, in that they involve email campaigns designed to look as if they originated from a retailer’s personnel, like a customer support team asking for “confirmation” of payment details. The links in these social engineering emails usually lead to a spoofed webpage designed to look like the retailer’s own website, where the visitor is prompted to re-enter their credit card information. 

“Another example would be a staged email alerting someone of an update to an order they placed along with an attachment that, when clicked, will act as a trojan to deliver malware to the endpoint device,” Plaggemier says. “That malware can then be used for a subsequent attack once a bad actor has access to a user’s system.”

Although most phishing and social engineering attacks target consumers, multi-location brands are taking a more proactive approach as these attacks become more frequent.

Plaggemier says criminals generally use the same tactics year after year, because the same threat vectors continue to work consistently.

“They’re low-tech, low cost and highly effective because social engineering and phishing attacks take advantage of user behavior and psychology, coupled with the difficulty the average consumer has in being able to identify the characteristics of these attacks,” Plaggemier says.

Plaggemier suggests that multi-location retailers and brands become more vigilant about communicating the dangers and frequency of cyber attacks ahead of major online shopping holidays, and that they use marketing channels to distribute ‘best practices’ emails to their customers.

“Human behavior is more easily exploited when there’s a sense of urgency – and malicious actors are always ready to take advantage of that,” Plaggemier says. “By generating consistent awareness of these threats among customers, brands can help deter bad actors from data theft through pre-emptive behaviors.”
