New Report Series Highlights E-Commerce Threats, Fraud Against Retailers

Trustwave, a cybersecurity and managed security services provider, recently released a series of reports detailing the threats facing the retail sector, marking the second year of its ongoing research into these critical security issues.

In its annual research, Trustwave SpiderLabs highlights the unique factors at play in retail, significant trends currently affecting the industry, including ransomware, shifts in compliance, and the rise of e-commerce, and provides an overview of threat actor techniques by attack stage.

Additionally, Trustwave SpiderLabs has produced two complementary in-depth write-ups on pressing threats in the sector: e-commerce threats and risks, and fraud targeting retailers. Trustwave SpiderLabs’ analysis delves into why these threats are particularly pervasive in the retail vertical, providing retailers with a clearer understanding of the landscape and effective strategies to mitigate risks.

"As we enter the holiday shopping season, the rise in e-commerce threats and the alarming trends in cyber fraud underscore the need for heightened vigilance in protecting consumer data,” said Trustwave CISO Kory Daniels. “A single incident can undermine customer trust and lead to long-term financial impacts, making robust cybersecurity measures not just a necessity but a critical component of sustainable business practices in today’s retail landscape. By prioritizing security, we not only protect our customers but also foster trust, ensuring a secure and enjoyable experience this holiday season."

Cybersecurity in the retail sector is particularly challenging due to the increasing complexity of IT environments, which often encompass in-store systems, online platforms, and supply chain networks. Retailers also face a unique threat landscape due to seasonal fluctuations, third-party dependencies, physical security risks, and franchise models.

Key findings from Trustwave SpiderLabs’ retail research series include:

  • 58% of attacks originated from phishing
  • 47% of stolen user sessions leverage Amazon domains
  • 92% of credential access techniques were brute-force attempts
  • 15% of ransomware attacks were conducted by Play and LockBit
  • 62% of ransomware attacks were in the US
  • 16% of ransomware attacks targeted Food & Beverage retailers

In 2023, Trustwave released its first Retail Threat Intelligence Briefing that analyzed the attack flow specific to the retail sector, offering insight on specific threat actors, actionable intelligence, and recommended mitigations for each stage.

To access this year’s research, please click here for the full retail threat research series.

Featured

  • 7 Reasons Why Governments Need to Regulate AI

    Recently, Elon Musk unveiled two remarkable AI applications. A humanoid robot named Optimus, with its remarkable human-like speech and movements, and a fully autonomous car, absent steering wheel and pedals, called Cybercab. While these examples represent a broad trend of AI integration across industries, they highlight technology’s transformative potential, prompting a need for regulation to ensure it is used responsibly, securely and ethically. Read Now

  • OR Code Phishing on the Rise According to New Report

    KnowBe4 recently released its Q3 2024 Phishing Report. This quarter's findings reveal the most frequently clicked email subjects in simulated phishing tests, demonstrating the continued efficacy of HR and IT-related phishing attempts. KnowBe4’s Q3 2024 Phishing Report reveals that HR and IT-related phishing emails claim a significant 48.6% share of top-clicked phishing types globally. Despite evolving techniques by bad actors, phishing emails remain among the most prevalent tools for executing cyberattacks. Read Now

  • United HealthCare CEO Killed in Targeted Attack in New York City

    United HealthCare CEO Brian Thompson was killed in a targeted attack early Wednesday in Manhattan Read Now

  • Theft, Crime Driving Retail Workers to Look for New Jobs

    More than four in ten retail workers in the U.S. say they are likely to leave their current job in the next 12 months due to personal safety concerns, according to new research conducted by the Loss Prevention Research Council (LPRC) in partnership with Verkada. Read Now

Featured Cybersecurity

Webinars

New Products

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure. 3

  • 4K Video Decoder

    3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises. 3

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings. 3