Multiple malware and phishing scams are running rampant through apps such as WhatsApp, Gmail and Google Drive, affecting businnesses across the retail sector as the Black Friday/Cyber Monday shopping period approaches, new research has claimed.
In terms of malware downloads per industry, the retail sector topped the list for the amount downloaded through Gmail and Google Drive, edging out cloud storage giant Microsoft OneDrive which saw the most use in other sectors.
The most common mechanism to deliver malicious software through these apps are trojans which trick users into downloading further malware.
Popular apps injecting malware into retail
The report from Netskope Threat Labs examined how the retail sector compared to other industries in terms of cloud app adoption, cloud app abuse, and the types and quantity of malware delivery.
It found that Google Drive, Gmail, and WhatsApp are among the top five most popular apps within the retail sector, with OneDrive claiming the top spot across all industries.
WhatsApp, designed for personal messaging, is being used by those in the retail section as a collaboration tool, posing huge risks to enterprises in terms of data leakage due to the ability for WhatsApp messages to be forwarded outside of an organization.
WhatsApp also sees the greatest delivery of malware and phishing attacks to those in the retail sector, with the app being downloaded three times more than other apps within the retail sector.
With the retail sector handling sensitive financial information, many of the malware delivered to those in the sector is aimed at stealing credit card information, banking details and personal information.
Overall Google Drive, Gmail and WhatsApp are used significantly more within the retail sector compared to other industries. Google Drive sees a usage of 34% within retail, compared to just 19% in other industries. The statistics are similar for Gmail, with 21% usage in retail compared to 13% in other industries.
WhatsApp’s usage within retail is 17%, with the usage in other industries sitting at just 5.9%. Peak trading times see malware downloads increase significantly within the retail sector, with attacks increasing towards the end of the year.
“Attackers abuse cloud apps to fly under the radar and evade traditional security controls that do not inspect cloud traffic,” advises Ray Canzanese, Director of Netskope Threat Labs.
“As the holiday shopping season approaches, retail employees and consumers must both be extra vigilant, as phishing, credential theft, and malware activity related to retail tends to increase at the end of the year.”
More from TechRadar Pro
- Take a look at our guide to the best firewall protection
- Keep your personal data safe with the best identity theft protection tools
- Businesses are losing huge chunks of their revenue to cyberattacks
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Benedict Collins is a Staff Writer at TechRadar Pro covering privacy and security. Before settling into journalism Ben worked as a Livestream Production Manager, covering games in the National Ice Hockey League for 5 years and contributing heavily to the advancement of livestreaming within the league.
He has a MA in Security, Intelligence and Diplomacy, alongside a BA in Politics with Journalism, both from the University of Buckingham. Outside of work Ben follows many sports; most notably ice hockey and rugby. When not running or climbing, Ben can most often be found deep in the shrubbery of a pub garden.