New Report Says Holiday Hacking to Increase

holiday-shopping-onlineHappy Black Friday! While some of you will trek out to the shops today, many of you will decide to stay in and shop from the comfort of your own home.  While shopping at home means you don’t have to deal with “people” you can still run into many bad actors on the internet. Below are some things to be aware of while shopping online this holiday season.
Tala Security has released its State of the Web report, which predicts unprecedented levels of online data theft this holiday season due to a lack of deployed client-side security measures.  The report states that hackers will be looking to exploit vulnerabilities on enhanced websites to steal both Personal Identifiable Information (PII) and Payment data. The report shows that 98% of Alexa 1000 sites were incapable of preventing a cyberattack.  The report also found that the average website contains over 30 JavaScript integrations, form data exposure is ten times (10X) greater than organizations intend, only 2% of websites can defend against a client-side attack and that credit card-skimming threat, Magecart, is reported to be present on more than 2 million websites. The FBI have also issued a press release warning about the dangers of credit card skimming threats, warning businesses and providing tips on how they can prevent skimming. In addition to the FBI warning and prevention tips, a blog post in Security Boulevard also gives businesses the following advice: “Companies must implement solutions that not only protect their first-party infrastructure, but now — it is imperative to protect customer data. The best defense against web skimming is to prevent all unauthorized JavaScript access to sensitive data that may be in form fields or stored in website cookies.”  The blog advocates for a “zero trust” approach, by intercepting all API calls from any JavaScript in the browser and automatically block access to all HTML form fields and cookies, unless they have been given explicit permission. As consumers, we hope that businesses are taking these warnings to heart.  In any event, there are ways that consumers can protect themselves when shopping online.  Recommendations from suggest: using strong and unique passwords for every shopping site you use, using the most up-to-date anti-virus and security software available, use multi-factor authentication where possible, keep your devices locked and never shop over a public WiFi network.  You should also be aware of any suspicious emails that tend to come in at this time of year.  There are a lot of promotional emails that may come out from vendors, but hackers are clever enough to create a phishing email that looks real. Remember if it’s too good to be true, it probably is.  If all else fails, it’s also a good idea to keep an eye on your credit card and bank statements, in the event you have been “breached.”  The sooner you spot the suspicious activity, the sooner you can report it to your bank and authorities. If your organization is worried about the affect of a data breach on their business, contact Uzado today!

Leave a Comment

Your email address will not be published. Required fields are marked *