Win­dows Shop­ping threats to look out for this hol­i­day sea­son

Kuwait Times - - TECHNOLOGY -


Thanks­giv­ing, Black Fri­day, Cy­ber Mon­day, Christmas. There’s a lot of shop­ping to be done be­tween now and the end of 2016. As throngs of dis­cern­ing shop­pers flock to the high street and on­line shop­ping carts are filled to the brim, cy­ber­crim­i­nals are busy pre­par­ing their wares to take ad­van­tage of the high sales pe­riod. With this in mind, we de­cided to out­line some of the big­gest threats fac­ing both re­tail­ers and con­sumers in the up­com­ing hol­i­day sea­son:

DDoS at­tacks

With the Mi­rai bot­net demon­strat­ing its abil­ity to launch high-vol­ume de­nial of ser­vice (DDoS) at­tacks, some might deem the busy sales pe­riod as an op­por­tune mo­ment to show­case their ca­pa­bil­ity or cause widespread dis­rup­tion by tar­get­ing re­tail­ers. Al­lied to this is the threat of DDoS ex­tor­tion, as at­tack­ers may use the threat of dis­abling re­tail op­er­a­tions dur­ing the busiest pe­riod of the year as a means of earn­ing a quick profit. Just this week the web host­ing and build­ing ser­vice Squares­pace was af­fected by two DDoS at­tacks that af­fected a num­ber of e-com­merce sites. A user on the Al­phaBay Dark Web mar­ket­place claimed re­spon­si­bil­ity for the at­tacks and al­leged they had tried to ex­tort Squares­pace for up to $2,000 USD, though this was not confirmed.

Com­pro­mise of e-com­merce sites

This is­sue has emerged as a prob­lem in 2016 with thou­sands of ecom­merce sites be­ing in­fected with key­log­gers de­signed to steal credit card data en­tered into on­line check­out forms. Many of the com­pro­mised web­sites ran the Ma­gento shop­ping cart sys­tem, though other plat­forms such as Pow­er­front CMS and OpenCart, as well as pay­ment pro­cess­ing sys­tems such as Brain­tree and Ver­iSign were also pur­port­edly tar­geted.

POS malware

Cy­ber­crim­i­nals are likely to ex­ploit the large num­ber of trans­ac­tions con­ducted dur­ing the next month by tar­get­ing point of sale de­vices (POS) such as card read­ers and pay­ment ter­mi­nals. When a new cam­paign for the POS malware known as FastPoS was dis­cov­ered in Septem­ber 2016, it be­came clear that the malware was still un­der ac­tive devel­op­ment. A sim­i­lar pat­tern was de­tected in 2015, whereby new cam­paigns and up­grades ap­peared to oc­cur in the months lead­ing up to Christmas. It’s highly likely that the same will oc­cur in 2016.


In sim­i­lar vein to POS malware, cy­ber­crim­i­nals will likely seek to take ad­van­tage of the in­creased num­ber of with­drawals made at ATMs this sea­son. These card read­ing de­vices aren’t al­ways easy to spot. In Septem­ber, US author­i­ties warned of a new tech­nique known as ‘periscope skim­ming’ which in­volves the use of a spe­cial­ized skim­ming de­vice con­nected di­rectly to the ATM’s in­ter­nal cir­cuit board.1 This tech­nique was likely de­vel­oped in re­sponse to anti-skim­ming mea­sures, and crim­i­nals are al­most cer­tain to be de­vel­op­ing new ways to avoid de­tec­tion.

Phish­ing pages

At­tack­ers will try and trick users through fake web­sites that at face value look in­cred­i­bly sim­i­lar to those be­long­ing to le­git­i­mate re­tail­ers. These sites, how­ever, often steal vic­tims’ cre­den­tials when they try to make a pur­chase, or will be used as a land­ing page to down­load a par­tic­u­lar strain of malware. We ex­pect phish­ing email cam­paigns en­cour­ag­ing users to visit these sites to be par­tic­u­larly preva­lent at this time of year.

Chris Brown, VP EMEA and APAC, Dig­i­tal Shad­ows

Newspapers in English

Newspapers from Kuwait

© PressReader. All rights reserved.