openPR Logo
Press release

Windows Shopping: 7 Threats To Look Out For This Holiday Season

11-24-2016 03:33 PM CET | IT, New Media & Software

Press release from: OAK Consulting FZC

Comment Article by Chris Brown, VP EMEA and APAC, Digital Shadows

Thanksgiving, Black Friday, Cyber Monday, Christmas. There’s a lot of shopping to be done between now and the end of 2016. As throngs of discerning shoppers flock to the high street and online shopping carts are filled to the brim, cybercriminals are busy preparing their wares to take advantage of the high sales period. With this in mind, we decided to outline some of the biggest threats facing both retailers and consumers in the upcoming holiday season:
1. DDoS attacks - With the Mirai botnet demonstrating its ability to launch high-volume denial of service (DDoS) attacks, some might deem the busy sales period as an opportune moment to showcase their capability or cause widespread disruption by targeting retailers. Allied to this is the threat of DDoS extortion, as attackers may use the threat of disabling retail operations during the busiest period of the year as a means of earning a quick profit. Just this week the web hosting and building service Squarespace was affected by two DDoS attacks that affected a number of e-commerce sites. A user on the AlphaBay Dark Web marketplace claimed responsibility for the attacks and alleged they had tried to extort Squarespace for up to $2,000 USD, though this was not confirmed.

2. Compromise of e-commerce sites - This issue has emerged as a problem in 2016 with thousands of ecommerce sites being infected with key-loggers designed to steal credit card data entered into online checkout forms. Many of the compromised websites ran the Magento shopping cart system, though other platforms such as Powerfront CMS and OpenCart, as well as payment processing systems such as Braintree and VeriSign were also purportedly targeted.

3. POS malware - Cybercriminals are likely to exploit the large number of transactions conducted during the next month by targeting point of sale devices (POS) such as card readers and payment terminals. When a new campaign for the POS malware known as FastPoS was discovered in September 2016, it became clear that the malware was still under active development. A similar pattern was detected in 2015, whereby new campaigns and upgrades appeared to occur in the months leading up to Christmas. It’s highly likely that the same will occur in 2016.

4. Skimming – In similar vein to POS malware, cybercriminals will likely seek to take advantage of the increased number of withdrawals made at ATMs this season. These card reading devices aren’t always easy to spot. In September, U.S authorities warned of a new technique known as ‘periscope skimming’ which involves the use of a specialized skimming device connected directly to the ATM’s internal circuit board. This technique was likely developed in response to anti-skimming measures, and criminals are almost certain to be developing new ways to avoid detection.

5. Phishing pages - Attackers will try and trick users through fake websites that at face value look incredibly similar to those belonging to legitimate retailers. These sites, however, often steal victims’ credentials when they try to make a purchase, or will be used as a landing page to download a particular strain of malware. We expect phishing email campaigns encouraging users to visit these sites to be particularly prevalent at this time of year.

6. Malvertising - Attackers can use online advertising as a means of distributing malware, luring victims with one-time offers and bargain prices. These will usually involve an attacker injecting malicious code into a legitimate advert which will either download malware directly onto a victim’s machine or redirect visitors to a website that facilitates the distribution of malware. Pop-ups, banners and promotional offers pushed through social media feeds can be used for these purposes. Sometimes attackers even create adverts that appear to point to legitimate sites by shortening or changing the URL displayed on the advert itself.

7. Banking malware - Banking trojans remain a threat all-year round, but research from Kaspersky has indicated that attacks using financial malware increased around the time of Black Friday and Cyber Monday, and the Christmas period in 2014 and 2015. One reason for this might be that as more people shop online during this time, attackers will try and distribute their malware via fake or compromised sites, or through phishing email campaigns. These can also be used to deliver additional malicious payloads. A recent Kronos banking trojan phishing campaign, for example, was discovered to be targeting victims in the UK and US. While Kronos infections are bad enough, Kronos was also downloading a new POS malware dubbed ScanPOS which was capable of stealing credit card numbers.

Digital Shadows provides cyber situational awareness that helps organizations protect against cyber attacks, loss of intellectual property, and loss of brand and reputational integrity. Its flagship solution, Digital Shadows SearchLight™, is a scalable and easy-to-use data analysis platform that provides a view of an organization’s digital footprint and the profile of its attackers. It is complemented with intelligence operations analyst expertise to ensure extensive coverage, relevant intelligence and frictionless deployment. SearchLight continually monitors the visible, deep and dark web and other online sources to create an up-to-the minute view of an organization and the risks requiring mitigation. The company is jointly headquartered in London and San Francisco. For more information, visit http://www.digitalshadows.com

Conrad Offices, Sheikh Zayed Road, Dubai

This release was published on openPR.

Permanent link to this press release:

Copy
Please set a link in the press area of your homepage to this press release on openPR. openPR disclaims liability for any content contained in this release.

You can edit or delete your press release Windows Shopping: 7 Threats To Look Out For This Holiday Season here

News-ID: 386766 • Views:

More Releases from OAK Consulting FZC

FarEye launches its Delivery Experience Suite – ‘Delight’
Dubai, United Arab Emirates, July 5, 2018: FarEye, a leading global digital logistics platform today announced the launch of its Delivery Experience Suite – ‘Delight’ that helps businesses increase their Delivery Happiness Score – the ultimate measure of customer success. It enables businesses to provide a seamless and personalized experience to the customers. FarEye is a leader in B2C logistics technology and is widely used by global giants like Walmart, DHL,
FarEye expands its footprint in the European market with the launch of its regio …
Dubai, United Arab Emirates, June 24, 2018: FarEye, a leading global digital logistics platform, today announced the opening of its first European office in the heart of London with an aim to expand its business foothold in the region and to serve its customers directly. With a total of 6 corporate offices in India, Dubai and Singapore, FarEye currently serves customers in over 20 countries. FarEye has revolutionized the logistics
Digital Shadows announces its Digital Risk Management Technology Ecosystem
Digital Shadows announces its Digital Risk Management Technology Ecosystem
Dubai, UAE, October 24, 2017 – Digital Shadows, the industry leader in digital risk management, today announced the launch of its Digital Risk Management Technology Ecosystem. Formed from almost a dozen technology companies, with more expected to join in the coming months, they all share a vision for how security analytics and security information and event management (SIEM), product orchestration and automation, risk & compliance, intelligence and network enforcement, must
Ring partners with Al Jammaz to provide smart home security for Saudi Arabia
Riyadh, Saudi Arabia – October 18, 2017: Ring, the leader in smart home security recently announced a partnership agreement with Al Jammaz Distribution, the leading Saudi based Value-Added Distributor, which distributes advanced technology products, solutions and services. This partnership will help Ring foray and expand its reach across the Saudi market offering customers Ring’s innovative home security products and solutions. “Ring believes in keeping homes and communities safe rather than

All 5 Releases


More Releases for POS

The Continuing Growth Story of Restaurant POS System Market | Square, BIM POS, T …
Global Restaurant POS System Market by Player, Region, Type, Application and Sales Channel is latest research study released by HTF MI evaluating the market risk side analysis, highlighting opportunities and leveraged with strategic and tactical decision-making support. The market Study is segmented by key a region that is accelerating the marketization. The report provides information on market trends and development, growth drivers, technologies, and the changing investment structure of the
POS Software Market is Booming Worldwide with Realtime POS, Alexandria Computers …
Advance Market Analytics released the research report of Global POS Software Market, offers a detailed overview of the factors influencing the global business scope. POS Software Market research report shows the latest market insights with upcoming trends and breakdown of the products and services. The report provides key statistics on the market status, size, share, growth factors of the POS Software. This Report covers the emerging player's data, including: competitive
Cloud POS Market to 2027 - Square, Intuit, Oracle, Shopify,Toast, Vend, Accu POS …
The global Cloud POS market valued at US$ 4.95 Bn in 2018 and is expected to grow at a CAGR of 21.6% during the forecast period 2019 – 2027, and reach US$ 27.82 Bn in 2027. Key Benefits- - To provide detailed information regarding the major factors (drivers, restraints, opportunities, challenges, and trends) influencing the growth of the global Cloud POS Market - To forecast the size of the market segments with
POS Software Market Is Booming Worldwide | Realtime POS, Heartland Payment Syste …
Advance Market Analytics recently introduced POS Software Comprehensive Study by Type Market study with in-depth overview, describing about the Product / Industry Scope and elaborates market outlook and status to 2023. The market Study is segmented by key regions which is accelerating the marketization. At present, the market is developing its presence and some of the key players from the complete study are Realtime POS, Inc. (United States) , Heartland
Global Restaurant POS Software Market Forecast 2018-2025 Loyverse , eZee Techno …
Global Restaurant POS Software Market This report focuses on the global Restaurant POS Software status, future forecast, growth opportunity, key market and key players. The study objectives are to present the Restaurant POS Software development in United States, Europe and China. In 2017, the global Restaurant POS Software market size was million US$ and it is expected to reach million US$ by the end of 2025, with a CAGR of during 2018-2025. Request
Restaurant POS Software Market 2017 - Abacre, Aldelo, Loyverse, Boxy POS, BIM PO …
Apex Research, recently published a detailed market research study focused on the "Restaurant POS Software Market" across the global, regional and country level. The report provides 360° analysis of "Restaurant POS Software Market" from view of manufacturers, regions, product types and end industries. The research report analyses and provides the historical data along with current performance of the global Restaurant POS Software industry, and estimates the future trend of Restaurant