Increasing ‘Dark Web’ activity puts retailers at risk
Retailers may be leveraging more digital channels to increase revenue opportunities, but these are also fertile ground for cyber-thieves.
This was according to “The Retail and E-commerce Threat Landscape Report” from e-commerce fraud-prevention firm Riskified, and IntSights Cyber Intelligence, a provider of enterprise cyber threat intelligence and mitigation solutions. The study, which analyzed the transaction-level results of hundreds of millions of purchases between Q3 2017 and Q3 2018, revealed new tactics used by fraudsters.
According to data, cyber-thieves are getting more sophisticated in their attacks via the Dark Web, a part of the Internet where fraudsters rely on special software to remain anonymous or untraceable via digital scams. For example, there was a 297% rise in the number of fake retailer websites designed to “phish” for customer credentials. In Q3 alone, there was an average of 23 phishing sites per company. This was a significant increase from 2017, which averaged 5.9 phishing attacks per company.
Fake apps and social media profiles are also on the rise. There was a staggering 469% spike in suspicious applications, and a 345% increase in fake social media profiles, respectively, in Q4 2017.
There was also an average of 22.1 internal login pages or development servers exposed per retail company in 2018. When accessed, this gives cybercriminals a portal into the retailer’s internal network.
In addition, there was a 278% rise in stolen goods listed on black markets for resale, the study revealed.
“Retailers are increasingly focused on driving sales through a variety of online channels -- Facebook, SMS messaging, Instagram, Twitter and more -- all of which provide an ideal opportunity for fraudsters to lure in new victims through phishing attacks as it is the most common way to obtain stolen credit card numbers,” said Guy Nizan, co-founder and CEO of IntSights Cyber Intelligence. “As prime targets for cyber-crime, retailers need to understand how their goods are being sold and bartered for on the Dark Web. This glimpse into criminal behavior and activity helps inform the overall cybersecurity program, leading to an increase in security posture.”
This was according to “The Retail and E-commerce Threat Landscape Report” from e-commerce fraud-prevention firm Riskified, and IntSights Cyber Intelligence, a provider of enterprise cyber threat intelligence and mitigation solutions. The study, which analyzed the transaction-level results of hundreds of millions of purchases between Q3 2017 and Q3 2018, revealed new tactics used by fraudsters.
According to data, cyber-thieves are getting more sophisticated in their attacks via the Dark Web, a part of the Internet where fraudsters rely on special software to remain anonymous or untraceable via digital scams. For example, there was a 297% rise in the number of fake retailer websites designed to “phish” for customer credentials. In Q3 alone, there was an average of 23 phishing sites per company. This was a significant increase from 2017, which averaged 5.9 phishing attacks per company.
Fake apps and social media profiles are also on the rise. There was a staggering 469% spike in suspicious applications, and a 345% increase in fake social media profiles, respectively, in Q4 2017.
There was also an average of 22.1 internal login pages or development servers exposed per retail company in 2018. When accessed, this gives cybercriminals a portal into the retailer’s internal network.
In addition, there was a 278% rise in stolen goods listed on black markets for resale, the study revealed.
“Retailers are increasingly focused on driving sales through a variety of online channels -- Facebook, SMS messaging, Instagram, Twitter and more -- all of which provide an ideal opportunity for fraudsters to lure in new victims through phishing attacks as it is the most common way to obtain stolen credit card numbers,” said Guy Nizan, co-founder and CEO of IntSights Cyber Intelligence. “As prime targets for cyber-crime, retailers need to understand how their goods are being sold and bartered for on the Dark Web. This glimpse into criminal behavior and activity helps inform the overall cybersecurity program, leading to an increase in security posture.”