Cyberattacks Against Online Retail Continue to Rise

Cyberattacks Against Online Retail Continue to Rise

Cyberattacks Against Online Retail Continue to Rise

The growth of online retailers is followed closely by the acceleration of cyberattacks. Unlike a lot of traditional B&M stores that were forced to close during the Covid-19 pandemic, online retail has experienced a boom. Whilst the World Economic Forum reported that the move to stay at home resulted in a decrease in the virus number, researchers at Salesforce showed that global digital sales grew by 36%, year-on-year, to December 2020.

As expected, cybercriminals are ‘following the money’ with the result that the retail industry is seeing an uptick in cyber-attacks as online transactions soar.

The Cyber-Threat Landscape and the Online Retailer in 2021
Online retail is predicted to experience a staggering £5.9 billion ($8.1 billion) worth of losses each year because of cyber-attacks. And according to a recent Ponemon study, a cyber-attack affecting an online retailer, costs, on average, over $2 million.

Cybercriminals use several methods to target vulnerable e-commerce sites, these include:

Web Application Attacks

Online retail is the go-to target for many web-borne cyber-attacks. The 2020 Verizon Data Breach Investigations Report (DBIR) revealed that in 43% of all data breaches, web applications were the target. As 2020 panned out, there was an increase of around 800% in web application-based attacks. The most common attack types on web applications include remote code execution, data leakage, and cross-site scripting (XSS).

Credential stuffing and Online Retail

Credential stuffing uses previously stolen login credentials in an attempt to take over an account. Akamai, a vendor that keeps watch on credential stuffing attacks, found that the retail sector was the most targeted for this form of attack. Attack detections in the commerce category of the report hit 64 billion credential stuffing attempts between 2018 and 2020. The retail sector accounted for around 90% of all such attacks in the category.

Denial of Service (DDoS)

A DDoS attack uses (often) thousands of ‘bot’ infected devices to send out malicious traffic to target websites. These ‘bot’s, aka malware, are specifically designed to overwhelm a website/webserver and cause it to crash. Amazon Web Services (AWS) was hit with the largest DDoS attack in history during 2020. The cyber-attack affected thousands of retailers, dependent on online sales to maintain their business during the pandemic.

Events and phishing

Cybercriminals love an event. By focusing their campaigns on big calendar happenings in the retail world, hackers can use social engineering tricks to create successful phishing campaigns. In the run-up to Black Friday 2020, a surge in phishing attacks related to the event were detected. A Check Point report found a 13X increase in phishing emails in the six weeks to Black Friday. The rate of phishing in November 2020, was around one in every 826 emails delivered, compared to less than one in 11,000 at the start of October. Check Point explains the likely reason for the increase are cybercriminals capitalizing on people staying at home and shopping online.

API Attacks

The world of retail is increasingly dependent on API calls to find out information, check customer identity, and perform transactions. But APIs are a potential weak spot in terms of security. Attacks on retail APIs, during 2020, far exceeded the levels of attacks in previous years, according to research. Popular attack vectors include cross-site scripting (XSS) and SQL injection.

Client-side Attacks

The CMS (Content Management System) frameworks, used as platforms for many online retail outlets, are a target for cyber-attacks. One of the most infamous recent attacks of this nature was the attack on UK airline, British Airways (BA). The company was fined around £20 million ($27 million) for a breach that affected 185,000 reward program customers and a further 380,000 users of the airline’s app and website. The company is now expecting a customer settlement bill of around £3 billion. The breach occurred when a malicious script comprising 22 lines of code was inserted into the BA website. A vulnerability in a web element allowed the hack to occur. Once in situ, the code facilitated a transfer of data to ‘’, a very similar looking URL to the legitimate ‘’.

Other client-side attacks include the misuse or incorrect implementation of secure internet communications. For example, the use of the principle of securing data in transit is vital to maintain data security. The use of encrypted communication protocols, such as Transport Layer Security (TLS) when transmitting data across Wi-Fi or other networks, prevents Man-in-the-Middle attacks, which result in the theft of login credentials.

Online shopping for food, medicines, and other essentials, has been a vital service during the pandemic. With more people choosing to shop online, the online shopping trend is expected to continue. Online retailers can offer a secure shopping experience to customers by taking precautions and closing off the routes to a cyber-attack.

WebTitan protects your business and customers against all cyberattacks. Find out how you can better protect your organization from cyberattacks in 2021 and start a 30 day free trial today!

Find out more about WebTitan Here

#WebsiteSecurity #DedicatedHosting

How to Delete Malware From Your Website: A Guide to Defending Your Digital Presence

How to Delete Malware From Your Website: A Guide to Defending Your Digital Presence - SaaS -

According to recent data, a whopping 17.6 million of the world’s websites are infected with malware. You may be wondering: How can you tell if you have malware? And once your site is infected, how can you delete malware?

Here, we’ll answer both questions—showing you how to delete malware from your site and defend your digital presence.

Signs Your Site May Be Infected

How can you tell if you have malware? While some attacks are obvious—like a defacement hack that destroys your site’s appearance—most malware hides in plain sight, running malicious processes in the background.

The most obvious sign of malware is a host suspending your account or Google blacklisting your site. In these cases, visitors will be met with a suspension page or a warning from Google.

But if Google or your host doesn’t catch the malware right away, you may still notice other signs of an infection. These can include:

  • Spam information in Google search results related to your website
  • Unwanted pop-ups, downloads, or a redirect to a malicious website
  • Unrecognized admin users added to your website’s CMS

None of these issues are desirable. However, they can be deterred.

How To Delete Malware From Your Site

Can malware be removed?The answer is yes (thankfully). But depending on your background, knowing exactly how to delete malware may be easier said than done.

Malware can infect your site files, database, or both—and removing it can be a highly technical process, often requiring specialized knowledge or help from a security partner. When bouncing back from an attack, you should have some experience modifying files and databases, as even the smallest mistake can take hours of work to undo. – Read more

Learn More About SiteLock and how to delete Malware

Find more Website Security Software here

Read more blog posts about website security here

What Does it Mean When a Website is Not Secure? What To Do About It?

Chances are you have heard about the dangers of an insecure website. You could also be asking yourself, why does my website say not secure, or wondering what it means when a website is not secure. Read on to find out what cybersecurity experts really mean when they say a site is not secure, and how to improve your site’s overall security.

What Does It Mean When a Website Is Not Secure?

So, what does it mean when a website is not secure in today’s world? Most web browsers alert users if they view insecure web pages by displaying a “Not Secure” warning. This indicates the web page is not providing a secure connection to visitors. When your browser connects to a website, it can either use the secure HTTPS or the insecure HTTP protocol. If a site’s URL begins with HTTP, it means the connection is insecure, which triggers the “Not Secure” warning.

What Happens If a Site Isn’t Secure?

When a website says not secure it can have serious consequences, especially if it is an eCommerce site. Insecure websites are vulnerable to cyberthreats, including malware and cyberattacks. If your site falls victim to a cyberattack, it can impact the site’s functioning, prevent visitors from accessing it, or compromise your customers’ personal information. In addition, a cyberattack can damage your company’s reputation and cost you customers. Research shows if your customers’ confidential information gets compromised, 65% of them won’t return to your site. Along with the loss of customers comes a loss of revenue, which can be especially devastating to small businesses.

How to Secure Your Site

There are a few ways to secure a site when a website says not secure. One important way to secure your website is by installing an SSL certificate. This establishes a secure connection for visitors and changes your URL to begin with HTTPS, indicating your site is trustworthy.

In addition, it’s crucial to partner with a reputable cybersecurity provider offering website security solutions. These include automated malware scanning and removal, vulnerability patching to address weaknesses in your site, and a web application firewall (WAF) to block malicious traffic. – Read more

Learn More About SiteLock