By Fred Touchette, senior security analyst at AppRiver.
What started as a US marketing initiative is unarguably now a popular Christmas tradition – both in the US and UK too. Black Friday, the first Friday after Thanksgiving, is when historically bricks and mortar US retailers reduce prices in a bid to kick-start the gift buying season. Today it is no longer confined to just physical stores as online promotions have become the focus.
In 2014, an estimated £810million was spent online during Black Friday in the UK - more than double the year before - as websites crashed and people fought in the aisles to grab deals. This year its thought to be even bigger with estimates suggesting spending will reach the £1 billion mark.
So, are you ready for this year's Black Friday 2015 – the 27th of November isn't too far away.
Bun Fight in Aisle 10
There's definitely one major retailer that will not be keen to see a repeat of last year's chaos. Supermarket giant Asda heavily promoted its significant Black Friday bargains but instead ended up battered and bruised – quite literally, as shoppers resorted to physical violence to secure the best deals.
Whether you're a sole trader selling via etsy, a chain of independent retailers or bigger, you need to make sure you're ready to cash in and not out.
Here's a list of tips to keep you trading securely this Festive season:
Black Out not an option: One thing that could seriously affect trade is problematic functionality issues and inadequate bandwidth capacity. Check systems now, install any patches ahead of the critical weekend and explore options for temporary bandwidth redistribution if ncessary.
Criminal Creamers: Research has shown that, of the £21.6bn spent over the Christmas shopping season in 2014, around 0.05 per cent was taken by online criminals - amounting to £12.4 million. With spending up, criminals stand to cream off a lot more this year.
There are a number of elements at play here:
- make sure you're not part of the problem. Check you don't have spyware, key loggers or any other malicious malware on your systems
- scammers have been known to create fake retailer websites using replicated brand logos, so check regularly to make sure your website hasn't been falsely replicated elsewhere online
- check embedded links on your site aren't erroneously routing to externally hosted malicious pages
- if you do run promotions, make sure customers have a means to verify any messages they may have received as legitimate to avoid phishers spoofing your messages and damaging your reputation
- monitor for any unusual behaviour – for example, any ads that you may be hosting aren't hiding something sinister, to prevent your customers falling into the evil clutches of scammers. Similarly watch for any unusual trades as these could be examples of abused credentials, or cloned cards, and fraudulent transactions
Watch out for Ransomware: Often delivered by a malicious email or downloading a file online, Ransomware sneaks into the machine by manipulating a security flaw. Having got inside, it begins encrypting all of the documents it can find and then displays a message saying a ransom must be paid to decrypt the files. If you should fall victim it could seriously affect you're ability to continue trading. And, if you do fall vicmit, don't reward these terrorists with your negligence AND your money. All you need to do to prevent ransomware in the first place is to back up your files then, if you inadvertently fall victim, you can restore to a point before the malware took hold. Have you still not done it yet? Do it today; in fact do it right now!
Match Fit: While being suspicious of email attachments and links is one way to avoid falling victim, ultimately the best solution isn't to wait until you get infected with ransomware, or any other malicious program. As touched upon earlier, software updates often contain security patches that mend holes that malicious programs try to exploit.
Strong Offence is a Good Defence: Lastly, have layered cybersecurity solutions in place - things like Web protection; and spam and virus filtering. These can help prevent ransomware from ever coming into your inbox or being downloaded from the Web.
Of course Black Friday is just one day as, over the entire five-week festive period, consumers are expected to spend £4.9bn on internet shopping, up from £4bn in 2014 – and that's a lot of lost revenue if your systems go down and sales can't be completed.
While there is no "silver bullet" when it comes to protecting systems and thwarting online threats, following the tips above and implementing a blended security approach that leverages current intelligence and technology from several sources, you can prevent feeling black this Christmas