Your organization’s leadership is 12 times more likely to be the target of a security incident and nine times more likely to be the target of a data breach than they were last year. Find out how they can be protected.
Read the Datasheet
Gift Cardsharks: The Massive Threat Campaigns Circling Beneath the Surface
Learn about the attack group primarily targeting gift card retailers and the monetization techniques they use.
Get the Report
Threat Hunting Workshop Series
Join one of our security threat hunting workshops to get hands-on experience investigating and remediating threats.
Attend an Upcoming Workshop
Inside Magecart: New RiskIQ & Flashpoint Research Report
Learn about the groups and criminal underworld behind the front-page breaches.
Threat Hunting Guide: 3 Must-Haves for the Effective Modern Threat Hunter
The threat hunting landscape is constantly evolving. Learn the techniques, tactics, and tools needed to become a highly-effective threat hunter.
This holiday shopping season was a boon for retailers, who raked in a record $1 trillion, an incredible increase of nearly $300 billion from 2018. Meanwhile, overall online sales increased 13%, while Black Friday and Cyber Monday saw 17% and 19% increases, respectively.
But online holiday shopping is a goldmine for more than just e-commerce businesses—threat actors try to get a piece of every dollar that consumers spend. Over the 2019 holiday shopping frenzy, these cyber-crooks used the brand names of leading e-tailers, as well as the poor online security hygiene of consumers, to pocket some of these earnings for themselves.
Example of malicious holiday app
During this research, RiskIQ analysts focused on the ten-most trafficked e-commerce sites over the holiday season—brands people are incredibly likely to shop with during that time of year. They also explored instances of their branded terms appearing alongside “Black Friday,” “Cyber Monday,” “Christmas,” or “Boxing Day.”
The report details critical findings for brands to reflect on:
For specific methodology, metrics, or to learn more, download the RiskIQ 2019 Holiday Season Threat Review.
What are the keys to a Modern Vulnerability Risk Management Program? On Tuesday, @joshuamayfield and @josh_zelonis will examine why defending your organization's digital attack surface starts with being able to discover unknowns and investigate threats: https://t.co/kCxgPW0Ckb
IGNITE is just 10 days away! RSVP now to kick off #RSAC and party with Flashpoint, @elastic, @ThreatQuotient, @Siemplify, and @RiskIQ: https://t.co/hnlh0UhHEo
The largest UK #GDPR fine was £183m in 2018 as B.A. booking website was hit by Magecart ccard skimming code. @RiskIQ worked with https://t.co/E3JRdvCMWA and Shadowserver to take down the malicious domains. https://t.co/iiH69vbKFK
The theme of this year's @cctxcanada 4th annual collaboration event is "Give and Take: Why helping others drives our success." RiskIQ's Geoff Roote explains the modern Internet Attack Surface and why defending the web is a collaborative community effort.
State-sponsored social engineering: how you can protect your business from Iranian #CyberThreats https://t.co/uoI0wG2Pje #ThreatIntelligence