Retailers are facing a host of security threats this Black Friday

(Image credit: Shutterstock / Sapann Design)

Black Friday is upon us, and while most of us will happily grab that great deal for a new TV or a smartphone, retailers are staring at yet another cybersecurity nightmare. 

New insight from Trustwave has outlined the challenges facing retailers in the peak shopping period, with many retailers experiencing “significant fluctuations in traffic and sales”, making staying safe and compliance an enormous challenge. 

This year, the most common hacking tactics include access for sale, bot attacks, business email compromise, consumer-based attacks, email-borne malware, gift card fraud and scams, phishing, and vulnerability exploitation. 

Reader Offer: $50 Amazon gift card with demo

Reader Offer: $50 Amazon gift card with demo
Perimeter 81's Malware Protection intercepts threats at the delivery stage to prevent known malware, polymorphic attacks, zero-day exploits, and more. Let your people use the web freely without risking data and network security.

Preferred partner (What does this mean?

Abusing the holiday season

Turstwave notes that the biggest threats will be coming from 8BASE, Bian Lian, BlackCat (AKA ALPHV), Cl0p, LockBit, Play, RansomedVC, and Royal, which are currently the most popular threat actors out there. It’s worth mentioning that all of the groups mentioned here are ransomware actors, some of which allegedly enjoy tight relationships with their local governments.

"The significant shift towards digital commerce that unfolded during the global pandemic marked a pivotal moment for retailers,” said Trustwave CISO Kory Daniels. “An industry historically focused on compliance and point-of-sale security had to rapidly adapt to surging consumer demands, virtual workforces, and evolving threat actors.”

Hackers are known for using holidays and global events as triggers for hacking campaigns. World Cups, Olympic Games, summer holidays, tax seasons, and even things like Halloween and Black Friday are always abused to try and steal money, or personally identifiable information, from consumers. 

Consumers looking for the next great deal should use common sense and buy things only from verified sources. If something is too good to be true, it most likely is, and double-checking the URL in the address bar - especially for easy-to-miss changes - should become a habit for every person going into the New Year.

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.