It’s the Most Wonderful Time of the Year…for Attacks and Attackers

It's that time of the year again: the most wonderful time of the year for attackers. Between Black Friday, Cyber Monday, and heightened online spending in the weeks leading up until the year-end holidays (Chanukah, Christmas, Boxing Day, Kwanzaa, Festivus), the opportunities are ripe for bad actors looking to take advantage of shoppers and e-commerce apps alike.

In 2019, security researchers at F5 Labs found a 100% increase in new threat campaigns from November to December of that year. Many of these campaigns entered a network with something as simple as a phishing email, preying on users scouring their inboxes for discounts by using language employed by retailers in Black Friday and Cyber Monday promotions. Additionally, instances of web application attacks-such as DoS and DDoS attacks-also increased as attackers attempted to disrupt the profits of online retailers.

To safeguard your customers' holiday shopping experience and to ensure your business-critical applications remain up and uncompromised, it is essential to secure your apps against common attack types that plague retail and e-commerce businesses during the holiday shopping period. Read on for some strategies to help your organization weather the holiday cyberattack storm.

Phishing

Across the globe, phishing remains the most common or one of the most common attack vectors for cybercriminals. Last year in the United Kingdom, phishing accounted for 28% of all cybersecurity incidents, and in Australia, phishing accounted for 36% of incidents. In 2020, the number of phishing attacks doubled from the previous year, and since then, the number has remained at a consistent but high level. And unfortunately, this form of attack remains so prevalent because it works.

Cybercriminals can take advantage of shoppers looking for deals by sending emails that look familiar to Black Friday and holiday shoppers. And it doesn't stop at emails: attackers may send fake texts ("Smishing"), or even imbed malicious QR codes into emails and social media promotions ("Quishing"). Emails and texts with urgent language that piggybacks off the Black Friday craze can cause even the most threat-savvy users to click on phishing links in emails, leading to the compromise of your networks and delivery of malware.

Educating users on phishing is essential, but it is only the first line of defense. How do you stop malware from attacking and propagating after the user has clicked on a phishing link?

F5 SSL Orchestrator can help your organization stop phishing attacks before they harm your network. By decrypting encrypted payloads (such as email and social media communications, which heavily leverage TLS certificates), SSL Orchestrator can gain visibility into encrypted payloads to scan for malware. Thus, when a user clicks on a phishing link disguised as a Black Friday deal, the packet will be inspected, identified as malware, and blocked from traversing and infecting your network.

With an F5 Secure Web Gateway Services add-on subscription, your organization can also block users from accessing websites that contain malware downloads. Since the F5 SWG Services database is updated consistently and many malicious sites are created and torn down within days, you will always be guaranteed protection from the latest phishing web pages.

Credential Attacks

But phishing is not the only attack type online retailers are vulnerable to during this high traffic buying season. Credential threats-such as brute force attacks, credential stuffing, and leaked credentials-can also pose severe risks to your customers and lead to account takeovers. And nothing wreaks havoc on a customer's holiday shopping experience like fraud and credit card theft.

Fortunately, there are several ways you can stop a credential attack before it causes immense damage. While not entirely inevitable, leaked credentials are a mainstay of the digital-first world. F5 Leaked Credential Check is an add-on to F5 Advanced WAF that stops leaked or stolen credentials from being used to access apps, automatically detecting and mitigating compromised credential use so your customers can go about their holiday shopping without fear of fraud and identity theft. You don't have to worry about fraudulent accounts filling their carts with goods or using stolen credentials to finance their spending spree.

Public link

Please use the above public link if you want to share this noodl on another website.