Retailers need to ensure they secure their communications and supply chain between third party vendors and within their own infrastructure, according to KnowBe4 security awareness advocate for Asia Pacific, Jacqueline Jayne.

She says organisations should enable multi-factor authentication for sensitive systems to prevent unauthorised access and protect their important data, assets, and accounts.

Credit card data is a form of currency for cybercriminals and Point of Sale systems are a point of attack to obtain credit card details and PINs. In these instances, malware is installed on the POS which will record everything. 

Most malware will find its way onto a POS via email where an employee would unintentionally engage with a phishing email, which results in the deployment of the malware. Another form of malware to be aware of is a Denial of Service (DoS) that is designed to disrupt. The network is flooded with requests that the servers are unable to deal with resulting in an application or website not functioning. 

Then there’s ransomware – another form of malware – and as the name suggests, once this malicious software has been deployed, systems are shut down and a ransom is demanded. Disgruntled or casual employees looking to make extra money or cause disruption need to be considered as well. Known as ‘insider threats’, they are becoming increasingly popular. 

Should a retailer become the victim of a successful cyberattack, the results can vary from loss of reputation, financial impact, brand damage, loss of trust and even forcing to close. 

What can retailers do to stay safe? 

  1. Patch all software and check that your networks are safe from vulnerabilities. 
  2. Communicate with vendors and ask them what they have in place for cybersecurity. 
  3. Take their employees through new-school security awareness training to avoid falling for scams and social engineering attacks in both their personal and professional lives. 
  4. It would be advisable for them to educate their customers on what to look out for to avoid being scammed.  All online retailers should have a page on their website dedicated to communicating with their customers on any scams that have been reported. 
  5. Using social media is also a great way to keep customers up-to-date with scams and can also be used as a platform to educate on staying safe online. 
  6. Educate customers who come into your physical stores on staying safe online and shopping safely.