The retail sector is under threat from… Gmail, WhatsApp and Google Drive?

News
By
published

Malware delivery in the retail industry is a growing problem, targeting credit card and banking info

Woman holding credit card and phone
(Image credit: Shutterstock)

Multiple malware and phishing scams are running rampant through apps such as WhatsApp, Gmail and Google Drive, affecting businnesses across the retail sector as the Black Friday/Cyber Monday shopping period approaches, new research has claimed.

In terms of malware downloads per industry, the retail sector topped the list for the amount downloaded through Gmail and Google Drive, edging out cloud storage giant Microsoft OneDrive which saw the most use in other sectors.

The most common mechanism to deliver malicious software through these apps are trojans which trick users into downloading further malware.

The report from Netskope Threat Labs examined how the retail sector compared to other industries in terms of cloud app adoption, cloud app abuse, and the types and quantity of malware delivery. 

It found that Google Drive, Gmail, and WhatsApp are among the top five most popular apps within the retail sector, with OneDrive claiming the top spot across all industries.

WhatsApp, designed for personal messaging, is being used by those in the retail section as a collaboration tool, posing huge risks to enterprises in terms of data leakage due to the ability for WhatsApp messages to be forwarded outside of an organization.

WhatsApp also sees the greatest delivery of malware and phishing attacks to those in the retail sector, with the app being downloaded three times more than other apps within the retail sector.

With the retail sector handling sensitive financial information, many of the malware delivered to those in the sector is aimed at stealing credit card information, banking details and personal information.

Overall Google Drive, Gmail and WhatsApp are used significantly more within the retail sector compared to other industries. Google Drive sees a usage of 34% within retail, compared to just 19% in other industries. The statistics are similar for Gmail, with 21% usage in retail compared to 13% in other industries.

WhatsApp’s usage within retail is 17%, with the usage in other industries sitting at just 5.9%. Peak trading times see malware downloads increase significantly within the retail sector, with attacks increasing towards the end of the year.

“Attackers abuse cloud apps to fly under the radar and evade traditional security controls that do not inspect cloud traffic,” advises Ray Canzanese, Director of Netskope Threat Labs. 

“As the holiday shopping season approaches, retail employees and consumers must both be extra vigilant, as phishing, credential theft, and malware activity related to retail tends to increase at the end of the year.”

More from TechRadar Pro

Benedict Collins
Benedict Collins
Staff Writer (Security)

Benedict Collins is a Staff Writer at TechRadar Pro covering privacy and security. Benedict is mainly focused on security issues such as phishing, malware, and cyber criminal activity, but also likes to draw on his knowledge of geopolitics and international relations to understand the motivations and consequences of state-sponsored cyber attacks. Benedict has a MA in Security, Intelligence and Diplomacy, alongside a BA in Politics with Journalism, both from the University of Buckingham.