Blog Use Cases

What Did We Learn from the 2023 Holiday Season?

With Valentine’s Day now over and no collective shopping seasons on the horizon for a while, one might not give much thought to campaigns and threats impacting retail consumers. Yet spring is right around the corner and shopping is a year round activity. There is activity from the 2023 holidays that both consumers and retailers can learn from to step into a new season of protecting their money and personal information while giving bad actors more bad days.

What Did the Most Recent Holiday Season Teach Us in Cybersecurity?

The Most Severe Threat Types for Retail Operate Via DNS: A 2023 Report from TrustWave listed the following threats as most severe for retail: 

  • Email-Borne Malware 
  • Routine Phishing and Business Email Compromise (BEC) 
  • Credential Access
  • Consumer-Based Attacks
  • Gift Card Fraud and Scams 

What unites all of these threats is a reliance on the abuse of Internet infrastructure that is observable, comparatively static, and often rich in contextual information. This is often made possible through fraudulent domains that imitate the retail company names and brands themselves, or that imitate other companies within their supply chain. 

Malicious Activity is Still Succeeding: Retail companies are not standing still in the face of evolving threats; our team is seeing a majority of large retail companies investing in their technologies and practices to evolve right alongside those threats. Many organizations are deploying security tools which typically include relatively late-model products in the realms of network defense, host defense, identity and access management, visibility and situational awareness tools, cyber threat intelligence, and orchestration and automation of some or all of these. Despite all of this, malicious activity still seems to persist and compromise retail companies and the consumers who trusted those companies with their personal information. 

The 2023 Holiday Norton Cyber Safety Insights Report revealed that this holiday season cost consumers $1,500 on average while the Riskified 2023 Policy Abuse Report revealed retail companies themselves lost $101 billion to fraudulent returns, with most spiking during the holiday season. The combination paints a picture of adversaries using fraud to damage the trust and relationship between retailers and consumers.

Addressing Cybersecurity Challenges in Retail

Retail threats may bloom during the holiday season but they manifest year round. Even the adversaries that are waiting for the holidays to strike are likely taking the rest of the year to monitor the organization they plan to target. Adversaries want to go after low hanging fruit, and targets not making an effort to takedown fraudulent domains or make differences in their security framework are going to be seen as easier targets. Detecting, blocking, and reporting such domains can provide significant protection against these threats, often before the actor controlling the infrastructure has weaponized. Below are just a few of the challenges facing the retail industry that DNS can help address.

Consumer Phishing Discovery

Each month, more than 150 brands are hijacked in phishing attacks. Timely domain discovery can help thwart phishing and fraud campaigns before they are launched. Including investment in Adversary Infrastructure Analysis can help retail companies know if and when malicious domains and infrastructure are spoofing your assets before they can cause damage. Doing so will not only protect the internal organization but also protect customers and improve trust. Iris Detect captures key data on new domains, risk-scoring them within minutes of registration, and alerting on future changes, and enabling effective enforcement.

Fraud and Counterfeiting

Fraud is a threat that is not only used by adversaries to attack organizations and customers directly, but can be enabled to produce counterfeit goods, sell lesser quality versions of products under the same name and branding, and divert money from the hands of genuine retailers. Over one in six products sold today are counterfeit. Like phishing, fraudand counterfeiting often rely on spoof domains to reach and deceive consumers. To combat these threats, retail companies must identify networks or make connections between threats to better verify whether fraud has occurred. Iris Investigate enables retailers to map adversary infrastructure, streamline investigations, and uncover these connections faster.

Brand Protection

Keeping the previous two threats in mind, online brand fraud costs companies over $1 trillion worldwide annually. DomainTools monitors do the heavy lifting, capturing key data on new domains, risk-scoring them within minutes of registration, and alerting on future changes, and sending alerts as soon as changes are detected. Retail investigations and domain management efforts will benefit from our automated monitoring and alerting

Securing Online Retail Against Modern Cyber Threats

DomainTools provides advanced cybersecurity solutions for online retail, defending against phishing, fraud, counterfeiting, and other critical threats. Our tools go beyond traditional security measures, offering proactive defenses and strategic insights to help retailers navigate and mitigate complex cyber threats. Retailers using our services enhance their defense against the latest cybersecurity risks, securing financial assets and customer trust.

Security teams are making effective use of adversary infrastructure analysis to gain an edge against malicious actors. As retail storefronts strengthen, the resilience against phishing, counterfeit, and fraud grows, ensuring that every move by these adversaries is met with formidable resistance, prolonging the struggle and safeguarding the integrity of retail cyber assets. Learn more by reading our Best Practices Guide for Retail.