Online Retailers Targeted by Hackers Ahead of Black Friday

The National Cyber Security Centre, the national authority on infosec in the United Kingdom, issued a formal notice to more than 4,000 retailers, warning them that their systems were being targeted by hackers who aim to steal customer credit card details. The issue stemmed from a fault in a very popular e-commerce solution used by a large number of retailers.

The UK NCSC reportedly identified as many as 4,151 instances of breaches in retailers, who were being targeted by the hackers. The bad actors managed to abuse a vulnerability found in the checkout page of the e-commerce platform shared between all those retailers. As a result, hackers were able to hijack both payments and exfiltrate card details.

According to the NCSC, the better part of the shops targeted in this attack were using a version of the Magento e-commerce platform that was outdated and still had known vulnerabilities in it that had already been patched by the time of the attack.

The infosec institution issued a warning and an advisory to everyone running the platform to update as soon as possible to avoid what the report calls "reputational damage".

The breaches and targeted attacks against those stores were spotted by the NCSC as part of its ongoing Active Cyber Defence program, which has been live since early 2020 and aims to protect retailers and smaller businesses from similar incidents.

Naturally, the NCSC notified those retailers ahead of the upcoming Black Friday madness, in order to give them time to apply the necessary patches and avoid much bigger trouble.

It is no wonder that Black Friday is the favorite time of year for credit card thieves and credentials skimmers. The volume of online sales skyrockets and people spend hundreds of dollars on average over the duration of the promotional deals. With Covid-19 not going anywhere in a hurry, the volume of online sales on Black Friday is buoyed even further.

Staying safe in the sales rush is a shared responsibility of both retailers and users. While every platform should do its best to apply all security fixes and patches and monitor its networks closely, customers should also do their part in staying safe.

As a customer, the five-second takeaway of what you should be on the lookout for is avoiding deals that look way too good to be true, keeping multi-factor authentication enabled for all devices and accounts that have it, and being extra careful with any promotional emails in your inbox, even if they appear to be from big and legitimate retailers, as those can be spoofed with relative ease by bad actors.

November 22, 2021