Wednesday 28th September 2022

BLOG: The NCSC releases guidance on protection retailers can take to prevent attacks

The NCSC published a report last week outlining the increased online threat to retailers, hospitality, and utility services. The report advises organisations, businesses, and individuals on measures that can be taken to prevent cyber-attacks and provides assistance for organisations to add an extra layer of security on top of passwords to authenticate customers.

This report provides authentication suggestions for online retailers, along with recommendations for reporting and acting in the event that their branding is spoofed for malicious purposes, which puts retailers and, in turn, customers at risk.

Spoofing is becoming more prevalent within the cyber threat landscape and can result in organisations being falsely represented, with unsuspecting consumers convinced to purchase products and services or misled by fake endorsements. Cyber criminals regularly pose as brands in phishing campaigns. Phishing attacks reportedly made up 52% of all attempts globally in the first quarter of 2022, and 54% of successful phishing attacks end in breaches of customers’ data.

This report appears to follow on from cybersecurity researchers’ concerns that the next holiday shopping season will be the most challenging for retailers. Every year we are warned about the underhanded tactics of threat actors, yet every year, most retailers end up having better than anticipated sales. As we discuss every year, Black Friday and Cyber Monday bring an increase in retail-focused cyberattacks.

Threat actors enjoy the holiday season. Consumers and organisations are distracted and focused on sales, while cybersecurity teams are over-extended and fatigued, which makes this an ideal moment for threat actors to launch a cyber-attack. Therefore, as retailers prepare for the holiday shopping season, they should also be readying themselves to combat the cybersecurity threats that threat actors and cybercriminals will be deploying.

There are numerous attack vectors cybercriminals will turn to over the course of the year. Some are retail-focused and particularly potent during the holiday shopping season, such as:

  • Credential theft: Obtaining legitimate login credentials via phishing emails.
  • Credential stuffing: Using stolen credentials for one site to log in to other sites in the hope they will work because victims have reused username and password combinations.
  • Brand spoofing: Creating fake websites with URLs that appear legitimate, then using phishing emails to trick customers into providing their credentials. Bad actors can also target your employees in this way – as well as illegally using your owned domains to dupe them into sharing information.
  • Social engineering: Researching an organization and then pretending to be a victim’s colleague to trick them into providing personally identifiable information, login credentials, or even wiring money to an attacker’s account instead of a vendor account.
  • Supply chain compromises: Using ransomware or some other breach to pose as a trusted supply chain vendor to access the organization’s network.

These attacks can have a strong negative impact, including business/financial disruption, loss of data, and brand damage to retailers while they are striving to close out the year on a positive and profitable note.

Corporate espionage is a real and present danger, and Orpheus can provide threat-led intelligence to recognise threat actors and potential risks from a company’s supply chain. With our dark web investigations and analysis and our machine learning capabilities, we can recognise threat actors and translate this information into actionable reports which allow you to secure your environments.

Orpheus Cyber is one of only 6 companies in the UK recognised and accredited to deliver threat-led cyber intelligence reports for our critical national infrastructure. To understand how we can protect and support your organisation, request a demo now.
