
Cyber Security Trends Impacting Retailers This Holiday Season


By Alan Brill, Kroll

From headline-grabbing breach events to ongoing trends in information theft, recent industry events tell us a lot about the cyber security threats affecting the retail space this holiday season. Here is how you can keep history from repeating itself.

Third-party breaches

Best practices in third-party due diligence include:

  • Require your third parties to perform background checks on all employees and provide privacy awareness training.

  • Obtain details on how your sensitive data (and that of your customers) will be stored, accessed, shared and transmitted.

  • Perform periodic onsite reviews to ensure that the security protocols in practice are sufficient.

  • Ensure that the vendor has an incident response plan that includes provisions to notify you if a security event occurs.

POS attacks and skimming

For the past two years, a number of industry breaches have stemmed from point-of-sale (POS) attacks. In many of these attacks, a skimmer was installed on an existing POS device, or the entire device was swapped for a look-alike that collected card data and transmitted it remotely to the thieves. There has been much speculation about why skimming and POS device swaps in particular have become more prevalent over the years, but whatever the reason, this type of attack is dangerous. A few precautions worth taking:

  • Check card swipes and PIN entry devices frequently for tampering.

  • Perform audits of your equipment on a weekly or daily basis to ensure serial numbers match what’s recorded.

  • Perform background checks on employees as a preventative measure.

  • Train employees to have a basic understanding of POS attacks and to recognize discrepancies with the equipment.

  • Ensure security camera video footage is available to allow you to detect individuals tampering with the devices.

Fake websites and cybersquatting

Imitation is normally considered the sincerest form of flattery, but not in this case. Fake retail websites that look just like the real thing abound on the internet. These sites are surprisingly easy for thieves to build and, perhaps not so surprisingly, extremely successful at luring in your customers. This is a perennial problem for retailers with an online presence, but fake sites, ads, emails, internet discounts and other customer traps have a way of spiking during the holiday season. The reputational harm and brand distrust that can result from this type of activity is not something to underestimate.

Along with fake websites, beware the practice of cybersquatting: buying up similar domains and relying partly on typographical mistakes to drive traffic to the fake site. When purchasing a domain name for your organization (or even after the fact), it's important to research and purchase domain names and extensions similar to your organization's primary address, including common misspellings of the name and alternate extensions.

  • Fake websites imitating a legitimate retail business typically coincide with phishing attempts, so be sure to alert customers whenever incidents of fake email offers, coupons, ads or other solicitations occur.

  • Alert the domain hosting company, the Internet Service Provider and the authorities about the fraudulent website so that, if possible, the cybersquatters can be prosecuted.
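Researching "similar" domain names is easier when the candidate list is generated systematically rather than by guesswork. The script below is an added example (not Kroll's tooling or anything from the original article) that builds typosquat candidates for a brand domain using the common techniques: character omission, adjacent-character transposition, repetition, adjacent-key substitution, homoglyph swaps (such as l/1 and rn/m), alternate extensions and www-prefixed look-alikes. The keyboard-neighbour table, homoglyph table and extension list are assumptions chosen for illustration; the domain `example.com` is a constructed input. It runs offline; checking which candidates are already registered (via WHOIS or DNS) is a separate step.

```python
"""Generate typosquat candidate domains for defensive registration or monitoring.

Added example; not code from the original article or from Kroll.
"""
import string

# Assumption: a small subset of QWERTY neighbours used for "fat-finger" substitutions.
ADJACENT_KEYS = {
    "a": "qwsz", "e": "wrsd", "i": "uojk", "o": "ipkl", "l": "kop",
    "s": "awedxz", "r": "edft", "t": "rfgy", "n": "bhjm", "m": "njk",
}
# Assumption: visually confusable sequences commonly abused in look-alike domains.
HOMOGLYPHS = {"l": ["1", "i"], "i": ["1", "l"], "o": ["0"],
              "rn": ["m"], "m": ["rn"], "vv": ["w"], "w": ["vv"]}
# Assumption: extensions a retailer would typically want to cover.
DEFAULT_EXTRA_TLDS = ("net", "org", "co", "shop")

HOSTNAME_CHARS = set(string.ascii_lowercase + string.digits + "-")


def split_domain(domain):
    """Return (label, tld) for a simple 'label.tld' domain such as 'example.com'."""
    label, _, tld = domain.strip().lower().partition(".")
    if not label or not tld:
        raise ValueError("expected a domain like example.com")
    return label, tld


def is_valid_hostname(hostname):
    """Check each label is 1-63 chars of [a-z0-9-] and does not start/end with '-'."""
    return all(
        0 < len(lbl) <= 63 and lbl[0] != "-" and lbl[-1] != "-"
        and set(lbl) <= HOSTNAME_CHARS
        for lbl in hostname.split(".")
    )


def typo_variants(label):
    """Return {technique: {variant label, ...}} for one DNS label."""
    out = {"omission": set(), "transposition": set(), "repetition": set(),
           "adjacent_key": set(), "homoglyph": set()}
    n = len(label)
    for i in range(n):                       # exmple  (drop one character)
        out["omission"].add(label[:i] + label[i + 1:])
        out["repetition"].add(label[:i] + label[i] + label[i:])   # exaample
        for nb in ADJACENT_KEYS.get(label[i], ""):                 # ezample
            out["adjacent_key"].add(label[:i] + nb + label[i + 1:])
    for i in range(n - 1):                   # exmaple (swap neighbours)
        out["transposition"].add(label[:i] + label[i + 1] + label[i] + label[i + 2:])
    for src, repls in HOMOGLYPHS.items():    # examp1e (confusable glyphs)
        idx = label.find(src)
        while idx != -1:
            for r in repls:
                out["homoglyph"].add(label[:idx] + r + label[idx + len(src):])
            idx = label.find(src, idx + 1)
    for variants in out.values():            # never return the real label or an empty one
        variants.discard(label)
        variants.discard("")
    return out


def typosquat_candidates(domain, extra_tlds=DEFAULT_EXTRA_TLDS):
    """Map each candidate domain to the first technique that produced it."""
    label, tld = split_domain(domain)
    found = {}
    for t in extra_tlds:                     # same name on another extension
        if t != tld:
            found[f"{label}.{t}"] = "tld_swap"
    for technique, variants in typo_variants(label).items():
        for v in variants:
            found.setdefault(f"{v}.{tld}", technique)
    for prefixed in (f"www{label}", f"www-{label}"):   # wwwexample.com, www-example.com
        found.setdefault(f"{prefixed}.{tld}", "subdomain_lookalike")
    # Keep only syntactically registrable names, in a stable order.
    return {d: t for d, t in sorted(found.items()) if is_valid_hostname(d)}


if __name__ == "__main__":
    # Constructed input; substitute your own brand domain.
    for candidate, technique in typosquat_candidates("example.com").items():
        print(f"{candidate:24} {technique}")
```

The output is a list to feed into WHOIS or DNS lookups: names that resolve or are registered to someone other than you are the ones to monitor or report, and unregistered ones are candidates for defensive purchase. The generator is deliberately conservative (one edit per candidate); combining two edits multiplies the list quickly and is rarely worth the cost for defensive registration.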

Alan Brill is senior managing director with the Cyber Security and Information Assurance practice at Kroll, which provides intelligence and scalable technology solutions that help companies, investors and governments address business and legal risks, drive compliance and capitalize on opportunities.
