The percentage of hacking attempts in the retail industry that were considered “sophisticated” doubled from the first half of 2020 to the year’s second half.
NuData had previously forecast that hackers would spread the use of sophisticated attacks from the financial vertical, where almost all cyberattacks are sophisticated, to other verticals that are less experienced in detecting and responding to them.
The study also examined digital traffic patterns in retail and e-commerce during the second half of 2020, finding that the typical September-October lull in traffic from bad actors did not occur until November. NuData advises that this longer period of holiday attacks is a reminder that cybercriminals don’t always follow expected seasonal trends, making it vital to have security that is scalable across the year.
In addition, more than 90% of cyberattack traffic in retail and e-commerce during the second half of 2020. According to NuData, attacks at login tend to be high-volume, as they often cycle through long lists of credentials to see which ones work. By contrast, attacks taking place after login — at rewards, purchase, or checkout – tend to be more targeted, with attackers using credentials they have already tested. This leads to lower-volume attacks, but a potentially higher success rate.
Overall, valid retail and e-commerce account creation traffic volume was 30% higher throughout 2020 than it was the year before, as consumers increased their use of online shopping during the COVID-19 pandemic.