Cyber Monday – just taking part isn’t enough!

We don’t always need to get involved in every trend straight away. In this instance, we may even be “lucky” in being a little behind the curve here in Switzerland. At least we can benefit from the experiences of others. Let’s get specific: we’re talking about Cyber Monday. It’s not yet a firm feature on the agenda over here, but in the English-speaking markets, it’s now as important as Black Friday. For online retailers, it means full cash registers and empty warehouses for the coming financial year.

Unfortunately, “the most wonderful Monday of the year” not only brings joy to customers but also to cybercriminals, as the methods they use work especially well in the midst of the sales frenzy. Customers and providers alike are in their sights. A change of perspective can be useful in understanding their schemes. What does a fraudster hope for on such a day?

The mimic

On Cyber Monday, many users go hunting for bargains via search engines. In amongst the list of search results can also be found enticing adverts with appealing offers. Who thinks about their data being misused when they think they’re getting their hands on a brand-new TV at 50% off? The form is quickly filled in and sent off with revealing information.

But the customers and online shop operators have unwittingly become victims to a phishing campaign combined with IP theft. The website looked just like the well-known retailer’s site – but it was a fake. HTML can quickly be copied, and counterfeit Google Ads can be activated in a matter of seconds. The fraudster has not only saved a great deal of work for themselves, but also given the retailer’s reputation a battering. He or she has also been able to gather customer information such as an address, credit card details and answers to security questions. It’s not just a cliché: data is the new oil. The more a criminal can get, the better. Numerous data points are compiled in large databases and act as digital identities.

The hitman

When (Cyber) Monday morning arrives and the online shop is running well, nobody gives it a second thought. It looks like marketing has done a good job and the offers are drawing in customers. But then...the stampede just keeps getting bigger. The web server is so bombarded by requests that it soon gives up the ghost. Not today, of all days!

What happened? The company became victim to a DDoS attack – a targeted assault on an online shop which leads to a server overload and denial of service. An action such as this is easy to purchase and execute on the Dark Web. Of course, it’s not legal, but it is difficult to trace. Online shops in competitive fields are often victim to such attacks on days like Cyber Monday or other major seasonal events.

The wise guy

It all came down to an e-mail the boss read quickly between two meetings. His son sent him a link to great holiday accommodation for Christmas. But it’s the last thing on his mind today: the online shop is offline. Access to customer data, stock levels and the interface have been blocked– by a group of criminals who demand a scandalously large payment in Bitcoins to save the day. Is it worth paying the ransom?

The problem: the online shop is the victim of a sophisticated attack. This involves gangs of criminals (this type of crime is difficult to pull off single-handedly) using publicly available information to sneak through a small piece of malware. For example, the CEO with his Facebook profile linked to his son, who is posting holiday snaps. With a little research, someone can create a personalized e-mail using a fake address to smuggle a link or attachment into the company. Undetected. Until the day the programme is executed.

These are three examples to illustrate what’s going on in the world of e-commerce crime. There is a wide range of threats looming over the market every day and damaging the trust of customers and providers. These inflict harm and cost money and, most of all, time. The majority of cases are never resolved. The underlying structures are too complex, the resources available to investigators are too limited and insurance payouts arrive too quickly.

If you and your company want to get started with Cyber Monday safely and without a hitch, we recommend taking the following measures:

1. Train your staff and management team. Awareness is the first and most important step to ensuring a secure business model.
2. Check your Internet presence for potential vulnerabilities and fix them promptly. Penetration testing is part of good Internet practice, as are firewalls and spam filters.
3. Use monitoring services (including vulnerability scanners) to promptly identify unusual online behavioural patterns.
4. Ensure you have a meticulous backup process to enable you to quickly access a previous version of your data and prevent any major loss in the event of an incident.
5. Establish a better customer relationship by keeping your customers informed.