As Black Friday approaches, the Carbon Black Threat Analysis Unit (TAU) reports that organizations saw a 20.5 percent increase in attempted cyber attacks between November and December 2016, and warns that if the trend continues in 2017, companies should be extra vigilant, since such attacks often begin around the Thanksgiving holiday.
“It’s important to remember that, during the holidays, cyber attacks will surge, and most security teams will probably end up working more than 40 hours,” the researchers wrote. “However, in order to ensure every possible area is protected, we need to get in the habit of incorporating the everyday users into our security strategy.”
Still, a recent MediaPro survey [PDF] of 1,017 retail employees found that 77 percent of respondents are insufficiently prepared to handle common privacy and security requirements like incident reporting (23 percent), physical security (30 percent) and identifying personal information (21 percent).
“One way forward is to instill a culture of security in which every employee knows their role in maintaining this trust,” the report states.
A separate Netsparker survey of 2,006 U.S. adults found that when it comes to holiday shopping, Americans’ single biggest concern is that a website on which they have saved their credit card information will be hacked (44 percent), followed by having packages stolen from their doorstep (39 percent) and a hacker using malware to steal their credit card data (34 percent).
This year, 85 percent of respondents plan to do at least some of their holiday shopping online, and 45 percent plan to do more than half. Over two thirds of respondents said they would be more likely to visit a retail website if they knew it was protected with AI cyber security software.
Still, respondents continue to engage in dangerous activity online, including using unsecured Wi-Fi networks (39 percent), clicking on unfamiliar social media links (35 percent), using the same password for different sites (34 percent), and using weak passwords (33 percent).
“Data hacks are the threat that define our age, and consumers must be proactive about keeping their own sensitive information safe,” Netsparker founder and CEO Ferruh Mavutina said in a statement.
Holiday shopping risks now extend to mobile apps as well. Recent RiskIQ research determined that more than 32,000 malicious mobile apps are leveraging the branding of the top five online retailers to trick shoppers into entering credit card information, giving up social media and email credentials, or downloading mobile malware.
Malicious apps, RiskIQ found, represent 4 percent of all Black Friday themed apps available in apps today — each of the top five brands have at least 15 apps available that leverage their branding alongside the term “Black Friday.”
“In 2016, almost 40 percent of sales on what used to be a brick-and-mortar shopping weekend occurred on a mobile device over Black Friday and Cyber Monday, making shoppers increasingly at risk of encountering phishing pages, malicious apps, and viruses that infect their phones and tablets to mine sensitive data,” the report states.