As Retail Businesses Shift Online, Hackers Getting More Sophisticated


As more retailers sell online, hackers are capitalizing on the surge in online shopping with increasingly sophisticated methods of stealing data.

A study by NuData, a Mastercard company, confirms how hackers are becoming progressively more sophisticated in their tactics as retail businesses shift online.

In the ‘2020 H2: Fraud and Risk at a Glance’ report, NuData analysed cybersecurity trends in 2020. The research found that in the second half of 2020, 76% of retail attacks were sophisticated with attackers using sophisticated scripts that imitate human behavior.

Retail Hackers Using Advanced Tactics

In the same period, 45% of IP addresses used in attacks were new instead of reused. This proves how hackers are using significantly more advanced tactics to improve the success of their attacks.

2.6% of stolen credentials used in attacks in the second half of 2020 were successful. This marks an almost twofold increase in the average percentage of successful attacks in the first half of the year, which stood at 1.4%.

The report provides invaluable insight into the growing prevalence of hacking as the popularity of online shopping escalates. In being aware that cybercrime targeting online retailers is on the rise, businesses can take the necessary steps to protect themselves.

As the authors of the report write:

“Companies must be ready to detect these attacks from the start and block them effectively – and do so without impacting legitimate users who are trying to access a company’s goods and/or services.”

Rise of Human-Driven Attacks

As well as using more complex software scripts, hackers are turning to another tool to bypass security protections – humans. The report found that ‘old’ hacking methods, including bot-detection tools, CAPTCHAs, and other technology that mitigate basic automation, are becoming increasing less effective. Consequently, cybercriminals are looking for alternatives to sidestep security defenses, particularly when targeting high-value accounts, such as loyalty points.

One such option is to use humans. Hackers are turning to using human farms to complete online tasks, such as posting reviews, creating new accounts, and solving CAPTCHAs.

NuData’s research found that during the summer of 2020, there was a four-month spike in attacks using human labor. Within the financial industry, there was a 350% increase in human-driven attack traffic during this period compared to the 2020 average.

What Can Online Retailers Do to Protect Themselves?

NuData reiterates the importance for small businesses to never drop their guard even if they see a low overall attack traffic.  The report also points to the need to adapt strategies to stop cyberattacks from the start and block them effectively. The challenge is finding a way to block attacks without impacting legitimate users who are trying to access goods or services online.

According to NuData, tools that include biometrics and behavioral analytics are crucial to identifying tell-tale patterns in human farm behavior. Such patterns include how they type personal information into a farm or how far they move the mouse.

The full ‘2020 H2: Fraud and Risk at a Glance’ report can be downloaded here.

Image: Depositphotos

Gabrielle Pickard-Whitehead Gabrielle Pickard-Whitehead is a staff writer for Small Business Trends and has been a member of the team for 7 years. She is based in the United Kingdom and since 2006, Gabrielle has been writing articles, blogs and news pieces for a diverse range of publications and sites. You can read "Gabrielle’s blog here.".