Black Friday: Top Security Tips for Retailers As the Shopping Season Beckons – Toolbox

While customers seeking Black Friday discounts online are told to follow a few easy recommendations to be safe and avoid cyber crooks exploiting the annual shopping frenzy, tech experts describe what retailers can also do to ensure their devices and data are kept secure. Read on to know how retailers can keep cybercriminals at bay and provide customers a safe and secure shopping experience.

 Black Friday is one of the most anticipated days of the year for online and retail shopping, but it’s also a great day for scammers. Amid the continuing impact of Covid-19, Black Friday sales in 2020 exceeded $23 billion, surging by 40% over the previous year, according to Forbes. In fact, 30% of all purchases that take place prior to Christmas occur on Black Friday.


The sale for this year is set to commence from next Friday. However, the cyber threat intelligence team at Egress has already detected a surge in the volume of phishing mails from fraudsters pretending to be prominent delivery services like DPD, Royal Mail, Hermes, DHL, and Royal Mail. From October itself, Egress analysts noticed a 50% spike in the volume of such emails, which they claim is occurring considerably earlier this year than expected.

Mounting concerns over shipment delays are forcing shoppers to begin their holiday shopping early this year, and cybercriminals are following suit. Recently, a cybercriminal disguised as Amazon used a bogus email to take advantage of holiday purchasers. The attacker sent out mails in Japanese, claiming to be from the Japanese government. However, the subject line was in English and read: “System Notification: We were unable to renew your Amazon account.”

During Black Friday last year, security firm Mimecast scanned the Internet for over two weeks and detected nearly 14,000 suspicious internet domains that spoofed 20 major retail brands. “Consumers should therefore be vigilant and make sure they take the recommended steps to keep their data safe while shopping online,” says Carl Wearn, the head of E-Crime at Mimecast.

“Things to look out for include: bad spelling, urgency in the messaging to buy, logos and branding not looking correct, and URLs looking suspiciously long. If in doubt, always navigate to the official website safely via your browser. Similarly, email phishing campaigns will continue to be prominent, so consumers should always be wary of clicking on any links within emails,” he advises.

Online shoppers looking to grab once-in-a-year deals on Black Friday are also being advised to follow a few simple guidelines to stay safe online and avoid cyber thieves intent on taking advantage of the annual shopping frenzy.

See More: Top Tips to Stay Safe During Black Friday & Cyber Monday

Tips for Retailers on Ways to Combat Black Friday Blues

Online scams and fraudulent operations during Black Friday not only impact online shoppers, but retailers as well. Here’s some expert advice on how retailers can keep cybercriminals and scamsters at bay and deliver a safe and reliable shopping experience to millions of customers.

Taking a proactive approach

As the world begins to stabilize post-pandemic, retailers face new challenges with supply chain issues, labor shortages and unpredictable shipping timelines. However, despite these irritations, almost a third of shoppers are planning to spend more this year than in 2020 and 56% of U.S. consumers stated that delivery delays would negatively impact future purchases. Nicola Kinsella, VP of global marketing, Fluent Commerce said, “Retailers will either need to find ways to face these issues head-on or risk long-lasting effects on their brand.

“There are several ways having a good quality Order Management System (OMS) in place can help retailers manage the chaos more profitably and efficiently. This includes fulfilling from the best location based on sell-through rate or markdown price, including location capacity for online orders in your sourcing logic, or using third-party logistics (3PL) or drop ship vendors (DSV) to expand their range and availability. This Black Friday, taking a proactive approach could make the difference between ongoing brand loyalty and shoppers finding another vendor to satisfy their holiday needs.”

Enhancement in technologies — cloud and more

Evolving technologies have blurred the lines between physical and digital shopping for consumers. Thanks to robotics, artificial intelligence (AI), cloud computing and virtual and augmented reality, retailers can bring an enhanced experience through the options of ‘fitting rooms,’ personalized digital displays, customer face recognition, instant payment and more to the palm of someone’s hand, suggested Lex Boost, CEO, Leaseweb USA.

He added, “The one downside to the enhancements in technology is the pressure on the retailer to meet the customers’ expectations — particularly during the influx of traffic caused by Black Friday and Cyber Monday. Organizations must ensure that their infrastructure is built for speed, security, and reliability not to disrupt the customer experience.

“One of the most important steps a retailer can take is partnering with a comprehensive cloud hosting solution that includes hybrid ready product portfolios, core uptime, iron clad security solutions and an extensive network that addresses industry-specific requirements and can be trusted in times of high traffic to deliver a quality experience for customers.”

See More: 6 Reasons Developers Are in Such High Demand Right Now

Wary of supply chains

Leading up to Black Friday, consumers have heard about potential issues with retail and delivery supply chains. Although there are many reasons why certain products might not be on store shelves or deliveries might be delayed, one reason we can’t overlook is cybersecurity, remarked Tom Callahan, director of operations, MDR at  PDI Software.

Because the retail supply chain is increasingly digital and interconnected, the entire chain can quickly be impacted by a single cyberattack on one company along the chain. For instance, we’re now seeing what used to be simply ransomware attacks turning into extortionware attacks. “If a business gets breached and decides not to pay the ransom to get their data back, cybercriminals can leverage that data to extort not only the business but the customers and partners of that business as well. As a result, the blast radius of a cyberattack can escalate very quickly across a wide footprint. This has the potential to disrupt the retail supply chain completely.

To guard against such a possibility, companies need to follow their established security best practices and maintain vigilance. But they must also be wary of how interwoven their supply chains are. They must be able to protect sensitive data and maintain secure access points as they interact with other businesses through the cloud.”

The right email personalization

The holidays are hectic for any business during Black Friday. But for email marketers, the weeks leading up to it are just as chaotic. With online shopping now the norm, email inboxes are packed with promotional offers from all types of businesses. For promotional emails to exceed revenue expectations, e-commerce businesses must first focus on deliverability – are your messages landing in the inbox? Once that is addressed, the other key is to target audiences based on each individual’s interests, stated Will Conway, CEO, Pathwire.

“The return on investment is normally high with email marketing, and Black Friday tends to be the peak for the e-commerce business. In 2020, the Data and Marketing Association said that email earned more than $35 for every $1 spent. When companies build advanced personalization into their email strategies, it allows them to get ahead of the competition. The right email program will help bring in new customers and turn them into long-time customers,” he concluded.

Pragmatic and strategic security approach

“As consumers flock online for the latest bargains, many retailers will be looking to adjust their websites to ensure they can cope with sudden increases in traffic and deliver a seamless experience,” commented Andy Fernandez, senior manager, product marketing at Zerto. Given the retail industry was reported as the second most attacked industry by ransomware this year, retailers must have a laser-focus on security in their preparations for Black Friday. A ransomware attack on the day could be catastrophic.

“Black Friday is well known for being the last chance for retailers to hit profits before the end of the year. Given the importance of this event, some retailers may have already been exploited with hackers holding off and the ransomware lying dormant until it can do maximum damage—for example early morning on Black Friday. By holding off, the impact of the attack doubles: a retailer’s entire operation has been shut down on the most profitable day of the year, all while being held to ransom.”

To avoid this, Fernandez suggested that retailers need to shift to a more pragmatic and strategic security approach that aims to ensure the organization can recover fast from a cybersecurity event and get back to business as usual with zero data loss. Once you have been compromised, prevention is no longer a viable protection strategy. “By implementing tools that deliver disaster recovery and continuous data protection, IT teams effectively regain control of their destiny and can’t be held to ransom by external threat actors that are intent on disruption or extortion.”

Preventing downtime

“Black Friday is one of the biggest shopping days of the calendar year. Particularly over the past few years, online shopping has soared in popularity, and so retailers need to ensure that their websites are able to cope with this influx in demand,” said Jeff Keyes, VP of product marketing & strategy, Plutora. On days like these they’re faced with an “unpredictable load on the system combined with last-minute changes to handle special processing” on the deals. Part of this relies on businesses not scheduling updates to critical systems, such as their websites, during these busy times, risking the site being unavailable during this crucial window.

Retailers should control their updates to key systems on and around the Black Friday-Cyber Monday weekend to prevent downtime, he said. They need to be confident that production software will “remain stable and up and running without any updates needing” to be pushed out. Keyes thinks that it’s also vital to ensure there is an immediate response for any hot fixes that are required for any issues that do crop up. Once the weekend is over, and ideally lots of sales have come through, release managers can get back to scheduling regular updates to continue to improve the website, and thereby improve customer experience.

Do you think adopting these measures are enough for retailers to combat cyber attacks during Black Friday sales? Let us know on LinkedIn, Twitter, or Facebook. We would love to hear from you!