Security Journal Americas hears from Derek Manky, the Chief Security Strategist and Global VP Threat Intelligence for FortiGuard Labs on the company’s insights on the advanced cyber-threats that holiday shoppers face.

As the holiday season approaches, shoppers worldwide eagerly anticipate snagging deals during Black Friday, Cyber Monday and other holiday sales.

However, this heightened online activity also draws the attention of cybercriminals.

A recent report from FortiGuard Labs ‘Understanding Threat Actor Readiness for the Upcoming Holiday Season’ revealed the advanced tactics attackers have been developing to exploit this year’s shopping frenzy.

This blog highlights the report’s key findings from the darknet and offers practical advice to help shoppers and businesses stay secure throughout the holiday season.

Tools, targeting and threat actors

The holiday season presents an irresistible opportunity for cyber-criminals to capitalize on increased online transactions.

Tools and services that are available on the darknet empower attackers to target e-commerce platforms and unsuspecting shoppers more effectively.

This year, threat actors are leveraging cutting-edge techniques, including AI-powered phishing lures, sophisticated website cloning tools and remote code execution (RCE) exploits to gain unauthorized access to shopping platforms.

AI-driven methods allow attackers to craft convincing emails and replicas of legitimate websites to steal data or trick users into disclosing sensitive information.

The report also highlights the growing use of deceptive holiday-themed domains that mimic trusted retailers to lure shoppers with enticing but fraudulent offers.

Sniffing tools are another critical weapon that enables cybercriminals to intercept sensitive data like credit card details during online transactions.

Key highlights

Some key highlights from the report include:

Shopping-themed phishing lures and AI

• The report includes examples of cybercriminals using AI models like ChatGPT to craft convincing phishing emails, mimicking legitimate communications from retailers and banks
• This increases the effectiveness of their scams, especially during peak shopping periods

E-commerce threats

• Threat actors are ramping up efforts to exploit online shopping trends
• This year’s report notes that thousands of holiday-themed domains mimicking trusted brands like Amazon and Walmart are being registered to deceive consumers with fake offers and promotions
• Popular platforms such as Adobe Commerce, Shopify and WooCommerce are prime targets due to weak configurations and outdated plugins
• Attackers are deploying sniffers to capture customer data and using RCE exploits to gain admin access to shopping platforms

The darknet and cybercrime

• The FortiGuard Labs team has observed a surge in the sale of stolen gift cards, credit card data and compromised e-commerce site databases
• Phishing kits enabling attackers to set up advanced phishing operations, including services, are being sold for between $100 and $1,000, depending on complexity and customizations
• Other services, such as sniffing and custom brute-forcing tools, are also readily available, enabling even low-skilled attackers to exploit vulnerabilities

Rising risks for businesses

• Businesses are equally vulnerable, facing significant risks from phishing scams to the theft of financial information through fake websites
• Compromised admin panels, unpatched software and weak credentials can lead to data breaches, fraudulent transactions and damaged reputations

FortiGuard’s tips on staying safe

To mitigate these risks, shoppers and businesses must adopt proactive measures.

Vigilance is essential for shoppers

• Double-check URLs before entering sensitive information and use secure payment methods such as credit cards with fraud protection
• Avoid shopping over public Wi-Fi networks, which can leave you vulnerable to session hijacking
• Enable a multi-factor authentication on your accounts for an additional layer of security
• Monitor your financial statements regularly for unauthorized transactions

Businesses must prioritize their cybersecurity posture

1. Keeping e-commerce platforms and plugins up to date and conducting regular vulnerability scans can significantly reduce risk
2. Implementing advanced fraud detection tools helps identify unusual activities, such as brute-force login attempts or fake traffic
3. Educating customers on recognizing phishing attempts and promoting safe shopping habits is equally important
4. Monitoring domain registrations for potential impersonations and reporting them promptly can help protect your brand
5. Securing admin panels with strong passwords and restricted access can prevent unauthorized breaches

To read FortiGuard’s full report, click here.