Deprecated: File Theme without header.php is deprecated since version 3.0.0 with no alternative available. Please include a header.php template in your theme. in /homepages/4/d385924900/htdocs/clickandbuilds/SyTechIT727612/wp-includes/functions.php on line 6078
Hackers account for 90% of login attempts at online retailers - SyTech IT Hackers account for 90% of login attempts at online retailers - SyTech IT

Hackers account for 90% of login attempts at online retailers

From credit card details to premium cheese, hackers are after you!

Ā 

Selling stolen personal data is a big business for hackers: Somewhere on the dark web, your e-mail address and a few passwords are probably for sale (hopefully, old ones). Cyber criminals buy troves of this information to try to login to websites where they can grab something valuable like cash, airline points, or merchandise like expensive cheese. Yes, cheese.

Online retailers are hit the most by these attacks, according to aĀ report by cyber security firm Shape Security. Hackers use programs to apply stolen data in a flood of login attempts, called ā€œcredential stuffing.ā€ These days, more than 90% of e-commerce sitesā€™ global login traffic comes from these attacks.Ā The airline and consumer banking industries are also under siege, with about 60% of login attempts coming from criminals.

These attacks are successful as often as 3% of the time, and the costs quickly add up for businesses, Shape says. This type of fraud costs the e-commerce sector about Ā£3 billion a year, while the consumer banking industry loses out on about Ā£1.2 billion annually. The hotel and airline businesses are also major targetsā€”the theft of loyalty points is a thingā€”costing a combined Ā£450 million every year in the US and UK.

Completely unaware

By the time you hear about a hacker intrusion, itā€™sĀ usually too late; on average, it takes 15 months from the day credential data is stolen to the day an intrusion is revealed. Thatā€™s more than enough time for criminals to deploy the data of unsuspecting people in thousands of credential stuffing attacks.

The process starts when hackers break into databases and steal login information. Some of the best known ā€œdata spillsā€ took place at Equifax and Yahoo, but they happen fairly regularlyā€”there were 51 reported breaches last year, compromising 2.3 billion credentials, according to Shape. Hackers frequently target web forums: TheĀ Lady Gaga ā€œLittle Monsterā€Ā fan site had a breach last year that reportedly impacted about 1 million accounts containing birthday, password, and e-mail information.

Premium cheddar

Criminals steal personal data from places with weak protection and then use login data on sites and apps that are much higher value and better protected.Ā Taking over bank accounts is one way to monetise stolen login informationā€”in the US, community banks are attacked far more than any other industry group. According to Shapeā€™s data, that sector is attacked more than 200 million times each day.

Another way to turn stolen data into cash is to buy merchandise, from gift cards to physical goods like electronics, that can easily be resold. It turns out that expensive cheese, likeĀ Ā£200-per-poundĀ Wyke Farms cheddar, is sometimes used in criminal schemes. Hackers use stolen credentials to break into online accounts to buy high-priced cheese and then resell it to restaurants for cash, Shape says.

Effect on RetailersĀ 

RecentĀ researchĀ carried out by Retail Week found that 72% of retail executives have witnessed ā€œan exponential rise in the increase in hacking attempts in the past two to three years, with 64% of those witnessing this increase experiencing a breach in their own firm.ā€ This is worrying in itself. But when you compare those statistics with the views of consumers quizzed as part of the same research, 72% of who would be unlikely to do business again with a retailer who suffered a data breach involving personal data, itā€™s clear that cyber-security has a material impact on the brand, and ultimately the bottom line.

The Threat Landscape

Cyber criminals are becoming more sophisticated, sharing successful techniques and tools with others hackers on the dark web. Whilst cyber security is improving, the threat landscape is constantly evolving.

As many retailers look to implement a single digital customer journey encompassing online, in store and beyond, which is dependent on customer data, now is the time to break rank and design a security strategy from the inside out.Ā 

The benefits? There are many, but these are the ones I see as delivering the most strategic value.

  • Innovation: Being able to scale technology-based innovation, which letā€™s face it is happening at a previously unseen pace, with confidence rather than scrabbling to find a way around PCI DSS and GDPR requirements.
  • Reputation: Knowing that the millions spent building your brand are much less likely to be outstripped by millions spent defending and rebuilding your reputation after a data breach, particularly one you could have easily avoided.
  • Business Optimisation: Why retrospectively work out how to plug the gaps and comply with information security regulations when you make a change to your IT? Build in flexible, scalable security and youā€™ll save time and money on your projects.

Ā 

Follow Us

Based In Keele, SyTech IT provide IT Solutions, Support & Systems for Industry and multi channel distribution businesses within Stoke-on-Trent, Staffordshire, Derbyshire, Cheshire, Lancashire, Warwickshire, Birmingham and Manchester.

Ā© All rights reserved 2018 SyTech IT Limited Registered in England and Wales: 09896931

SyTech Logo FINAL_WHITE_RGB

Deprecated: File Theme without footer.php is deprecated since version 3.0.0 with no alternative available. Please include a footer.php template in your theme. in /homepages/4/d385924900/htdocs/clickandbuilds/SyTechIT727612/wp-includes/functions.php on line 6078