Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Integrity360 Comment: Black Friday/Cyber Monday

November 2024 by Andy Rock, Solutions Architect, Integrity360

Andy Rock, Solutions Architect, Integrity360 comment comments on possible problems that could arise during the period of the Black Friday/Cyber Monday.

"As Black Friday and Cyber Monday approach, retailers and consumers are gearing up for a surge in activity, but so too are cybercriminals. These high-traffic shopping days create a perfect storm for cyberattacks, with attackers leveraging the urgency and excitement of bargain hunting to exploit vulnerabilities. The increased use of personal devices, unsecured networks, and hasty decision-making opens the door to phishing scams, fraudulent websites, and payment card theft.
"Recent incidents, such as the Caesars Entertainment breach earlier this year, where attackers reportedly exploited social engineering tactics to infiltrate critical systems, highlight the risks of human error combined with opportunistic attacks.
"Adding to the complexity, the misuse of social media and AI has amplified threats. Fraudulent advertisements and fake deals often spread rapidly on social platforms, luring users to malicious websites or scams. AI tools enhance these attacks by crafting highly convincing fake messages or posts, frequently tailored to individual users through data scraped from social profiles. This creates an environment where trust is easily manipulated, and vigilance is essential.
"Consumers must remain vigilant - checking URLs, avoiding public Wi-Fi for transactions, and using secure payment methods.
"Retailers handling payment data should also ensure their compliance with PCI DSS requirements, safeguarding customer information and reducing liability in case of a breach.
"Organisations must also prioritise their security posture in the run-up to these events, implementing advanced endpoint protection, real-time monitoring, and requiring multi-factor authentication (MFA) for account access to reduce the risk of credential theft. Robust training for staff to recognise phishing and other social engineering tactics is also a must, especially for those that may be using corporate devices to snag a deal."


See previous articles

    

See next articles


Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts