Don’t discount your Cybersecurity this Black Friday and Cyber Monday

The traditional shopping experience has changed drastically over the last few years due to the Covid-19 Pandemic. Most businesses have been digitizing an increasing number of their processes and are relying on online channels to connect with their customers more than ever before. 

Black Friday used to be just that, a single (Fri)day. Nowadays, for an increasing number of retailers, it has become a week where they present their best deals to customers, and is often seen as the beginning of the festive shopping season.

A recent consumer research report published by PwC revealed that during Black Friday and Cyber Monday, 37% of consumers were interested and may buy (up 2% from 2021), whilst 24% of consumers stated they will definitely buy – matching 2021 levels. Although the cost-of-living crisis will have an impact, demand is still higher than 2020 levels where only 16% of consumers planned to purchase in the Black Friday period.

With most retailers viewing online as a key channel for their Christmas sales ramp-up, we’ve put together a few, easy-to-implement recommendations that will help keep the surge of online shoppers safe from cybercriminals.

1. Enforce Two-Factor Authentication (2FA)

Most software solutions allow you to implement Two-Factor Authentication in their login procedure. They also allow you to implement and enforce it at an administrator level so that all users are protected. This ensures that, in the event that a user’s password is compromised, third parties won’t be able to access a company’s systems and data.

2. Keep your systems up to date

Although a fairly well-known topic, with the pervasive threat of new cyberattacks, it’s vital to keep systems updated. Most systems can either be updated remotely or set so that updates are automatically installed as soon as they become available.

3. Beware of attachments 

Communications with customers and suppliers are at risk of impersonation by third parties, who can include many different types of malware within emails. Make sure you consider if the email is expected and if you know who the sender is. Attachments with unknown extensions should be treated carefully and if in doubt, you should always report it to your IT/Security teams. Anti-phishing solutions like OnINBOX can help empower end users by evaluating inbound emails and giving warnings and additional information about whether they should trust the email or report it.

4. Follow Procedures and implement anti-phishing training

An increased number of emails appearing in customers’ inboxes during the holiday season can make it difficult to spot phishing attempts from cybercriminals who look to take advantage of this surge in transactions. Skipping a critical verification can be the open door that a cybercriminal may be waiting for. Make sure employees know and implement all company procedures.

Training can further help with the practical implementation of your procedures and raise awareness about the risks that attachments can pose. Having a thorough understanding of both company procedures and how to interact with suspicious emails will help lower the risk of cyberattacks. 

5. Monitor your DMARC Reports

DMARC is an email authentication protocol that blocks email impersonation, allowing you to see the volume of illegitimate traffic sent from your domain. It’s recommended that you keep an eye on your DMARC reports on a regular basis. If a cybercriminal is trying to use your domain to send illegitimate emails, DMARC will alert you to this. Additionally, you can see if any of your email-sending services go out of configuration, which will negatively impact your email deliverability.

6. Be careful when processing supplier’s emails

Email authentication protocols like DMARC are well known to a number of companies and are recommended by several organizations such as NCSC. A number of companies have already implemented DMARC to protect their domain and stop email impersonation. However, there are still a vast number of companies that haven’t yet deployed DMARC so every email from your supplier needs to be checked carefully. 

The fact that the email has a “from address” from your supplier doesn’t guarantee that it comes from them.

Anti-phishing solutions can help to spot a number of these emails but be aware that their rules-based approach is subject to change and won’t necessarily capture all possible scenarios. Employees should look out for changes to bank accounts and delivery addresses and if ever in doubt, check with your IT/Security teams about how to follow the company procedures. 

7. Investigate every report from your employees 

In many cases, an email with simply no text or apparently inconspicuous text could be the preamble for a bigger cyberattack. Cybercriminals may be phishing for information in what appears to be an innocent email e.g. trying to get an auto-reply from an employee to find out when they’re on holiday. It’s always better to raise the alarm and be wrong, than not to do anything and put yourselves or the company at risk. 

Technology provides opportunities for businesses to not only improve and automate their operations but also communicate more effectively with their customers. As digital transformation continues to progress, it’s important we keep security top of mind and not an afterthought. If you build a digital “entrance” to your shop, make sure you apply a digital “lock” to keep your company and your customers safe.

Red Sift’s Digital Resilience Platform solves for the greatest vulnerabilities across your complete attack surface, and email is a key part of this. If you’re looking to improve your email security or would like to discuss ways in which we can help improve the cybersecurity of your business, get in touch with our team.


Red Sift

22 Nov. 2022



Recent Posts


Preventing certificate related violations in cybersecurity frameworks:  A guide to certificate monitoring…

Rebecca Warren

TLS is one of the most widely adopted security protocols in the world allowing for unprecedented levels of commerce across the internet.  At the core of the TLS protocol is TLS certificates. Organizations must deploy TLS certificates and corresponding private keys to their systems to provide them with unique identities that can be reliably…

Read more

Red Sift ASM & Red Sift Certificates: the missing link in your…

Billy McDiarmid

According to Gartner, Attack Surface Management (ASM) refers to the “processes, technology and managed services deployed to discover internet-facing enterprise assets and systems and associated exposures which include misconfigured public cloud services and servers.” This broad category of tooling is used within Continuous Threat Exposure Management (CTEM) programs, with many vendors within it having…

Read more

The best tools to protect yourself from SubdoMailing

Francesca Rünger-Field

In late February 2024, ‘SubdoMailing’ became a trending search term overnight. Research by Guardio Labs uncovered a massive-scale phishing campaign that had been going on since at least 2022. At the time of reporting, the campaign had sent 5 million emails a day from more than 8,000 compromised domains and 13,000 subdomains with several…

Read more
Product Release

Red Sift’s Spring 2024 Quarterly Product Release

Francesca Rünger-Field

This early into 2024, the cybersecurity space is already buzzing with activity. Emerging standards, such as Google and Yahoo’s bulk sender requirements, mark a new era of compliance for businesses reliant on email communication. At the same time, the prevalence of sophisticated cyber threats, such as the SubdoMailing campaign, emphasizes the continual hurdles posed…

Read more