Cyber attacks on the rise around Black Friday & Cyber Monday

Tysers Insurance Brokers |


The upcoming Black Friday and Cyber Monday sales bring a surge in website traffic to online retailers, with many preparing for the biggest sales period over the next few months. However this period can also bring increased cyber threats, with many cyber criminals looking to exploit both businesses and customers alike during this busy shopping time.


Some of the main threats for retailers include:

Hand giving credit card to criminal


Card Skimming malware (malicious software) is used by cyber criminals to acquire customer card details from e-commerce websites at the point of sale. This is often achieved by hackers targeting a vulnerable website server (or a server used to host multiple websites) and inserting malicious skimming code into the website. Once this has been implemented, unsuspecting customers enter their credit or debit card details at point of sale, unaware they are not on a secure checkout page and their payment details are stolen (or skimmed) by cyber criminals in real time.


Businessman hand holding money banknote for paying the key from hacker for unlock laptop got ransomware malware virus computer. Vector illustration technology data privacy and security concept.


Ransomware is a type of malware designed to block access to a computer system until a sum of money is paid. Ransomware encrypts a user’s or businesses critical data so they are unable to access important files or applications. Once ransomware encrypts critical data and applications it is often impossible to decrypt files without the key provided by the attacker after the ransom is paid, which is usually demanded in bitcoin or other cryptocurrencies.

Cyber criminals may target online retailers during key trading times such as Black Friday and Cyber Monday as they know these are key trading times for many businesses and therefore potentially more likely to pay the ransom to gain access to critical systems and resume trading.

Phishing, hacking account, identity theft - isolated flat vector illustration.

Social Engineering

Social engineering is the art of manipulating people, so they give up confidential information. This often utilises methods like Phishing where criminals impersonate organisations or people via email, text message, or other means. Criminals do this in order to steal sensitive information, obtain money or deploy malicious software (such as ransomware) onto the victim’s infrastructure via malicious email attachments or links.


How can you reduce the risk of cyber attacks?

This is an isometric illustration of people taking a course on computer security.

Cybersecurity and training

Robust cybersecurity is essential to protect your business, and it’s important to invest in some cybersecurity measures regardless of business size or industry. You should always ensuring firewalls and antivirus software are up to date, regularly update your payment software and install any security patches from third party payment vendors.

It is also equally as important for your employees to have up to date training to stay ahead of the increasingly sophisticated methods used by cyber criminals.


2fa Two factor authentication password secure notice login verification code Notice with code fo sign in Two steps factor verification via laptop and phone Mobile OTP method Vector flat illustration

Secure Password Policies and Multi-Factor Authentication

Ensuring your business has secure password policies which require both employees and customer to choose strong passwords is essential to reduce the risk of password attacks. Employees should also be asked to change passwords regularly.

Multi-factor authentication should also be implemented across the business, to ensure websites and programmes where confidential or sensitive information is stored are more difficult for hackers to access. Learn more about Multi-factor authentication here.


Insurance policy concept, data security, business concept vector illustration

Cyber and Crime insurance

Cyber insurance cover helps your business offset the costs of recovery after a cyber-related security breach, loss of data, a ransomware attack or a similar event. A comprehensive cyber insurance policy will provide financial compensation for the direct costs incurred to the business and any liabilities payable to third parties following a cyberattack, a data breach or loss of data.  A cyber crime policy will cover financial losses to the business following an attack, such as fees for the support of expert negotiators and payment of ransom demands.

Many policies also offer Cyber Breach Response Support, which is an invaluable resource when dealing with cyber-attacks. These services can include crisis containment, PR and reputation management and independent legal advice.

Latest News & Insights