The latest resilience news from around the world

Retail resilience: preparing for Black Friday

Details
Published: Friday, 20 November 2015 10:57

What started as a US marketing initiative is unarguably now a popular pre-Christmas event, both in the US and UK. For retailers it brings its own resiliency challenges. Fred Touchette offers some advice.

Black Friday, the first Friday after Thanksgiving, is when historically bricks and mortar US retailers reduce prices in a bid to kick-start the gift buying season. Today it is no longer confined to just physical stores as online promotions have become the focus.

In 2014, an estimated £810million was spent online during Black Friday in the UK - more than double the year before - as websites crashed and people fought in the aisles to grab deals. This year it’s expected to be even bigger with estimates suggesting that spending will reach the £1 billion mark.

So, are you ready for this year’s Black Friday? November 27 isn’t far away! Whether you’re a sole trader selling via etsy, a chain of independent retailers or bigger, you need to make sure you’re ready to cash in and not out.

Here’s a list of tips to keep you trading securely this Festive season:

Black out not an option: One thing that could seriously affect trade is problematic functionality issues and inadequate bandwidth capacity. Check systems now, install any patches ahead of the critical weekend and explore options for temporary bandwidth redistribution if necessary.

Criminal creamers: research has shown that, of the £21.6bn spent over the Christmas shopping season in 2014, around 0.05 percent was taken by online criminals - amounting to £12.4 million. With spending up, criminals stand to cream off a lot more this year. There are a number of elements at play here:

  • Make sure you’re not part of the problem. Check you don’t have spyware, key loggers or any other malicious malware on your systems;
  • Scammers have been known to create fake retailer websites using replicated brand logos, so check regularly to make sure your website hasn’t been falsely replicated elsewhere online;
  • Check that embedded links on your site aren’t erroneously routing to externally hosted malicious pages;
  • If you do run promotions, make sure customers have a means to verify any messages they may have received as legitimate to avoid phishers spoofing your messages and damaging your reputation;
  • Monitor for any unusual behaviour – for example, any ads that you may be hosting aren’t hiding something sinister, to prevent your customers falling into the evil clutches of scammers. Similarly watch for any unusual trades as these could be examples of abused credentials, or cloned cards, and fraudulent transactions.

Watch out for ransomware: often delivered by a malicious email or downloading a file online, ransomware sneaks into the machine by manipulating a security flaw. Having got inside, it begins encrypting all of the documents it can find and then displays a message saying a ransom must be paid to decrypt the files. If you should fall victim it could seriously affect your ability to continue trading. And, if you do fall victim, don't reward these attackers with your negligence AND your money. All you need to do to prevent ransomware in the first place is to back up your files then, if you inadvertently fall victim, you can restore to a point before the malware took hold. Have you still not done it yet? Do it today; in fact, do it right now!

Match fit: while being suspicious of email attachments and links is one way to avoid falling victim, ultimately the best solution isn't to wait until you get infected with ransomware, or any other malicious program. As touched upon earlier, software updates often contain security patches that mend holes that malicious programs try to exploit.

Strong offence is a good defence: lastly, have layered cybersecurity solutions in place - things like web protection; and spam and virus filtering. These can help prevent ransomware from ever coming into your inbox or being downloaded from the web.

Of course Black Friday is just one day as, over the entire five-week festive period, consumers are expected to spend £4.9bn on Internet shopping, up from £4bn in 2014:  and that’s a lot of lost revenue if your systems go down and sales can’t be completed.

While there is no silver bullet when it comes to protecting systems and thwarting online threats, following the tips above and implementing a blended security approach that leverages current intelligence and technology from several sources, you can prevent unwanted Christmas presents in your system.

The author

Fred Touchette is senior security analyst at AppRiver.


Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

The Hunt for Hidden Risks
The Impact Tolerance Guide

Additional Resources

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.