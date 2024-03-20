



Online retail is booming, with existing retailers going digital and new small e-commerce businesses opening all the time.

According to data from CNBC/NRF Retail Monitor, online retailer sales rose 18% year-over-year in February 2024.

It's no exaggeration to say that much of the success of online shopping depends on investing in improving the customer experience. Streamline the checkout process and remove payment hurdles to keep customers coming back and make online retail more appealing.

However, as online shopping becomes more successful and the number of digital stores increases, it also attracts more cybercriminals. No company is too small to be a target.

Online retailers need to protect themselves and their customers from fraud and hacking. Shoppers who are scammed at online stores don't just blame the criminals, they also blame the companies that failed to protect them.

To help speed your journey to a safe shopping experience, we've compiled five security issues online retailers need to know to keep themselves and their shoppers safe.

1. Card skimming

Most people think of card skimming as something that plagues ATMs and card readers at dodgy restaurants and gas stations. There, fraudsters install software to steal card details and use them to make fraudulent purchases. But now there is an online version, digital card skimming.

Contrary to popular opinion, this is a problem for e-commerce businesses and is not something that payment providers can address.

Ran Arad of Memcyco, which provides real-time website impersonation fraud solutions, believes the onus lies with payment service providers, as most e-commerce companies facilitate consumer payments through third parties or payment gateways. says.

But that's not the case. It's up to retailers to invest in protecting their stores and shoppers online and offline with continuous security monitoring and other threat detection solutions.

Cybercriminals use various methods of digital card skimming, including spoofing websites and inserting modal overlays on websites and apps.

E-commerce companies can use multifaceted solutions like Memcycos. This allows us to detect fake sites, monitor brand takeover attempts on digital assets, and provide shoppers with proof of trustworthy authenticity.

2. Supply chain attacks

Today's expanded and interconnected networks expose online retailers to third-party breaches and attacks.

All it takes is one third-party connection and one employee clicking a phishing link to give a hacker or cybercriminal a backdoor into your system.

Jrme Segura, senior director of threat intelligence at Malwarebytes Threatdown Labs, warns that the BNPL (buy now, pay later) industry is increasing the risk of online fraud. It is growing rapidly and has lax security checks compared to traditional systems, making it a prime target.

BNPL systems have less stringent checks, making it easy for cybercriminals to take over accounts, create new accounts with stolen or synthetic identities, and combine real and fake details to make fraudulent purchases. It will be.

The best protection is to enforce zero trust security policies and enforce strong access controls to prevent unauthorized access. They should also carefully and thoroughly vet all vendors, including subcontractors and 4th and 5th tier suppliers, and ideally use technology solutions that provide network visibility.

3.DoS/DDoS

A Denial of Service (DoS) or Distributed Denial of Service (DDoS) attack involves using bots or malware to overwhelm a website, rendering it unavailable to shoppers or at the time of payment.

Imperva's Erez Hasson and Gabi Stapel warn that despite reports of a recent decline in such attacks.

DDoS attacks continue to pose a significant threat, especially low-volume and long-lasting attacks that can go undetected and impact online transactions. It added that even small-scale attacks, such as those recorded in the past 12 months, can impact performance and revenue, especially if: They last for a long time.

One way to address this issue is to use a waiting room queuing system like Impervas. This allows you to control the traffic coming to your site, protect your business from bot attacks, and avoid customer disappointment.

4. Fake returns and refunds

Since return policies were invented, retailers have had to deal with shoppers fraudulently requesting refunds or returning unused items after they've been used or worn. However, it is especially difficult for online stores.

Laura Garrett, returns expert at Rebound, said consumer fraudulent product returns are putting additional strain on revenue at a critical time of year for retailers and brands, with more brands paying more for returns. He said there is a possibility that he will be charged. [] As retailers search for solutions, a growing number are starting to consider banning serial returners.

The challenge is that this cohort includes both your most loyal customers and fraudsters.

The best way to prevent return and refund fraud is to have a strong return policy that makes it clear the condition of the product, short return windows, and no cash refunds to reduce incentives.

It is also important to request ID and contact details before processing your return. This allows you to cross-reference your order and ensure it was not purchased with a stolen credit card.

5. Ransomware and Malware

Such attacks are on the rise due to the rise of Ransomware as a Service (RaaS), which makes it easier and cheaper for cybercriminals to attempt ransomware attacks.

Deepen Desai, global CISO and head of security research operations at Zscaler, says some say the number of ransomware attacks has plateaued. [But] Based on what we're seeing, ransomware attacks are up 38% year over year, and double extortion attacks are up 37%, he warns.

There is clearly no room for complacency. Online retailers must apply a variety of defenses against ransomware and malware attacks. These should include zero trust techniques and powerful tools like the Astras web application firewall.

Online shopping can be a minefield

The range of threats facing online stores is not likely to diminish any time soon. It's essential for e-commerce businesses of all sizes to take the necessary steps to protect themselves and their customers from hackers and cybercriminals.

From deploying advanced solutions to implementing robust security procedures, online stores of all sizes need to remain highly defensible.

