As the holiday season approaches, shoppers across the globe are gearing up for the annual shopping extravaganza known as Black Friday and its online counterpart, Cyber Monday. With retailers offering irresistible discounts and deals, consumers are eager to make the most of these shopping holidays. However, amidst the hustle and bustle of online shopping, cybercriminals are also gearing up to exploit the frenzy, posing significant cyber threats during these shopping holidays.
Kevin Bocek, VP of Ecosystem and Community at Venafi, warns that cybercriminals have become increasingly skilled at creating copycat versions of popular shopping websites to scam unsuspecting shoppers. With the advent of generative AI, their capabilities have been further amplified, enabling them to craft convincing web content and phishing lures that are highly accurate and targeted.
"They can just plug in examples of the site they want to replicate and the AI can take it from there, creating almost identical fake sites on a mass scale. Some criminals even register domains to get digital certificates to enable the coveted ‘green padlock’, that essentially gives websites a legitimate machine identity, so that it is trusted by your browser – something the FBI warned of when they told shoppers not to rely on the lock icon alone. Yet with very similar URLs, look and feel, it’s hard for even the savviest of bargain hunters to spot the difference. With reputations on the line, retailers should monitor certificate logs to detect malicious certificates and lookalike domains targeting their valued customers," said Bocek.
To counter this threat, Bocek advises retailers to monitor certificate logs meticulously to detect any malicious certificates and lookalike domains that could target their customers. However, consumers also bear a significant responsibility during this holiday season, needing to exercise extra vigilance. Double-checking the authenticity of websites before entering any personal information is essential to avoid falling victim to cyber scams.
Moving into Cyber Monday, Sitaram Iyer, Senior Director of Cloud Native Solutions at Venafi, highlights the vulnerability of complex cloud environments, which often lack visibility, leaving businesses exposed to cyber threats. Online retailers relying on open-source code face additional challenges in securing their software supply chains.
Iyer stresses the importance of establishing a zero-trust security architecture.
"For online retailers that use open source code, this holiday retail season is an especially critical time to ensure safeguards are in place to secure the software supply chain. Creating a zero-trust security architecture is essential, but this must be initiated in the right way," said Iyer.
So, how can shoppers protect themselves from these cyber threats during Black Friday and Cyber Monday? Here are some crucial tips:
Shop from Reputable Retailers: Stick to well-known, trusted online retailers to reduce the risk of falling victim to phishing scams or fake websites.
Check Website URLs: Examine website URLs closely for any unusual characters or misspellings. Legitimate websites should have a secure connection indicated by "https://" and a padlock icon.
Beware of Too-Good-to-Be-True Deals: If a deal seems too good to be true, it probably is. Be cautious of websites offering unbelievable discounts.
Use Strong Passwords: Ensure your online accounts have strong, unique passwords. Consider using a password manager to help you keep track of them.
Enable Multi-Factor Authentication (MFA): Whenever possible, enable MFA for your online accounts to add an extra layer of security.
Regularly Update Software: Keep your operating system, browsers, and security software up to date to protect against known vulnerabilities.
Monitor Your Accounts: Regularly review your bank and credit card statements for any unauthorized transactions.
Adopting best practices and ensuring the security of machine identities can help safeguard both shoppers and businesses during these peak shopping periods. Stay safe, shop wisely, and enjoy the holiday season!