New E-Commerce Cybersecurity Guide Helps Brands be Proactive This Holiday Shopping Season

External Threat Management Analyst

New E-Commerce Cybersecurity Guide Helps Brands be Proactive This Holiday Shopping Season

November 19, 2021

By Team RiskIQ

By now, it's clear that threat actors are targeting the e-commerce holiday shopping season. In our 2020 Holiday Shopping Threat report, RiskIQ researchers found hundreds of threats against the ten-most trafficked e-commerce sites in the U.S. and U.K., including phishing, domain infringement, malicious mobile apps, and scams.

The holiday shopping season has become a crucial period for e-commerce and a cornerstone of online shops' annual revenue. Adobe Analytics predicts online holiday shopping to reach a record $910 billion in 2021, projecting U.S. e-commerce sales to grow 10% year-over-year between November and December. eMarketer forecasts total U.S. retail sales to rise 9% to $1.147 trillion this holiday season, with retail e-commerce accounting for 18.4% of total sales, climbing 14.4% to $211.66 billion.

This year, our goal is to help brands fight back by sharing approachable ways for beginners and seasoned cybersecurity professionals alike to keep their organizations safe. Phishing and other malicious sites have distinct characteristics we can use to identify and defeat them. These 'red flags' can help determine which pages, apps, and URLs are legitimate and those spun up by threat actors to target brands and customers.

You don't need a holiday miracle to keep your brand and organization safe this holiday shopping season. We hope this guide will be a force multiplier and empower e-commerce stakeholders to overcome resources shortages or cyber skills gaps to identify cyber threats endemic to the holiday shopping season.

The guide breaks down 12 real examples of red flags that users can leverage RiskIQ Community Edition or other open-source tools to spot. These include:

A website has been up for only a short period
A domain is hosted in a country you're not expecting
The site is a copy from elsewhere
A website has an SSL certificate from a free certificate authority
Many more

One of the 12 characteristics of an e-commerce threat broken down in the RiskIQ guide

RiskIQ's global cyber threat workshop program has issued tens of thousands of CPE credits to thousands of cybersecurity analysts worldwide, with thousands more watching on-demand sessions. With our 2021 Holiday E-Commerce Guide, we hope to extend similar security-minded advice, tools, and skills to practitioners of all levels, enabling them to understand and anticipate how their brands and customers are being targeted this holiday shopping season.

The full report, An E-commerce Guide: 12 Ways to Unmask Cyber Threats This Holiday Shopping Season, can be found here.

Featured Posts

External Threat Management | Labs

Bear Tracks: Infrastructure Patterns Lead to More Than 30 Active APT29 C2 Servers

RiskIQ's Team Atlas has uncovered still more infrastructure actively serving WellMess/WellMail. The timing here is notable. Only one month ago, the American and Russian he...

Joining Microsoft is the Next Stage of the RiskIQ Journey

Today Microsoft announced its intent to acquire RiskIQ, representing the next stage of our journey that's been more than a decade in the making. We couldn't be more ...

Media Land: Bulletproof Hosting Provider is a Playground for Threat Actors

Bulletproof hosting (BPH) is a collection of service offerings catering to internet-based criminal activity. These businesses often operate in a grey area, attempting to appea...

Subscribe to Our Newsletter

Subscribe to the RiskIQ newsletter to stay up-to-date on our latest content, headlines, research, events, and more.

Base Editor

Forrester Wave: External Threat Intelligence Services, Q1 2021

RiskIQ Illuminate® Internet Intelligence Platform Datasheet

Five Security Intelligence Must-Haves For Next-Gen Attack Surface Management

Threat Investigations and Response RiskIQ Solution Brief

Illuminate One-Hour On-Demand Event