• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar

Red Sift Blog

Cybersecurity for everyone

Red Sift Blog
  • redsift.com
  • Featured
  • Who are we?
  • Get in touch
You are here: Home / Email / 3 reasons why cyberattackers love Cyber Monday

3 reasons why cyberattackers love Cyber Monday

by Sabrina Evans
November 29, 2021November 30, 2021Filed under:
  • DMARC
  • Email

Cyber Monday 2021 is a big deal for ecommerce businesses and consumers alike. In 2020, Cyber Monday sales totaled an eye-watering $10.8 billion, making it the biggest ecommerce selling day of all time. 

It’s hard to imagine now, but there was once a time when online shopping was on the back foot. To compete with the brick-and-mortar-based Black Friday, Cyber Monday was created to drive online sales. Now, it’s a key date in the global shopping sales calendar, with businesses worldwide slashing price tags and opening their (online) doors to the deal-hungry masses. 

But while consumers benefit from big price drops and sellers see skyrocketing profits, it’s not all sunshine and rainbows. With shoppers actively on the hunt for outrageous deals, more frequent communications between business and buyers, and many retailers with no protection from email impersonation, it’s a fantastic opportunity for cybercriminals to roll out Cyber Monday phishing scams too. 

Here are 3 reasons why cyberattackers love Cyber Monday. 

1. More volume means more opportunity

Cybercriminals never miss a chance to make money, and most often the opportunities come when the volume of communication between retailer and consumer peaks. When it comes to online shopping, the majority of this communication is carried out via email. 

Campaign Monitor reported that 106 million emails were sent on Cyber Monday in 2017. With COVID causing a surge in ecommerce activity since then, as well as the general uplift we see in email volume each year, we can safely assume this number is significantly bigger now. So this, combined with a lack of adoption of key email security protocols, means that cybercriminals enjoy a perfect storm scenario for their criminal antics.

But there are ways for retailers to fight back against this barrage of attacks. If businesses can use technology driven by Artificial Intelligence (AI) in their email security arsenal, then cybercriminals will find it more difficult to take advantage. 68% of phishing emails blocked by gmail are now different day-to-day, and it’s no longer enough to rely on humans or rules-based technology to combat them. It’s more important than ever that retailers deploy smarter AI-based technologies that spot and predict patterns in attacks, preemptively shutting them down before damage is done.

email opens

2. Shoppers are on the hunt for deals

Usually, if a ‘too-good-to-be-true deal lands in your inbox, you’re likely to question it. As the old saying goes, if it’s too good to be true, it probably is. But to offer the best Cyber Monday deals, businesses are actively reducing price tags to appeal to savvy shoppers. So, it’s not just easier for scam offers and phishing emails to slip through the cracks, it’s more difficult for consumers to determine the real from the fake.

You could argue that the best way to avoid being scammed this Cyber Monday is to only shop at retailers you know and trust. But if these businesses aren’t DMARC protected, then they’re just as likely to be exploited and impersonated as any other business, and you’re no better protected against seasonal scams.

When it comes to impersonating a brand, bigger is better. If a well-known brand doesn’t have a strong DMARC policy in place, then criminals can leverage its existing reputation and loyal customer following to their advantage. It’s remarkably straightforward for cybercriminals to impersonate these big names, send out convincing phishing emails from their exact domains, set up bogus online stores, harvest the credit card details of unwitting victims, and taint the reputation of the spoofed brand for good.

3. It’s easy to impersonate businesses with no DMARC protection 

Recently, we found that 88% of the world’s top retailers still don’t have a sufficient DMARC policy in place, meaning they’re highly vulnerable to exact domain impersonation attacks. DMARC is an email authentication protocol which, when properly configured, works using existing protocols SPF and DKIM to stop bad actors impersonating your domain.

Because of a flaw in the SMTP protocol, cybercriminals are able to send phishing emails using a brand’s exact domain, leaving both their trusting customers and internal infrastructure open to attack, resulting in financial and data loss, and long-lasting reputational damage.

Exact impersonation makes spam emails so much more effective, and this is only amplified when consumers are expecting an influx of offers from retailers. If B2C businesses aren’t protecting their brand name and email communications this Cyber Monday, then they’re making it easy for cybercriminals to phish their customers and damage their hard-earned brand reputation.

DMARC adoption drives down Cyber Monday phishing

While it’s important for consumers to keep up-to-date on how to avoid falling victim to phishing scams this Cyber Monday, it’s just as vital that businesses are protecting them from these in the first place. By implementing the foundational email security measures such as DMARC, businesses not only safeguard their customers and supply chains, but also their business infrastructure, and reputation. 

At Red Sift, we believe cybersecurity is for everyone. That’s why we created OnDMARC, the DMARC tool that makes implementation straightforward and hassle-free. Why not try out a free trial below?

OnDMARC-Free-Trial

Share this:

  • Click to share on Twitter (Opens in new window)
  • Click to share on LinkedIn (Opens in new window)

Related

Tagged:
  • Cyber Monday
  • DMARC
  • email security
  • Phishing

Post navigation

Previous Post 6 ways to get your Black Friday and Cyber Monday emails noticed
Next Post 88% of global retailers risk losing consumer trust: Download our brand-new report

Primary Sidebar

Subscribe to our blog and be the first to get updates!

Categories

  • AI
  • BEC
  • BIMI
  • Coronavirus
  • Cybersecurity
  • Deliverability
  • DMARC
  • Email
  • Finance
  • Labs
  • News
  • OnINBOX
  • Partner Program
  • Red Sift Tools
  • Uncategorized
  • Work at Red Sift
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • July 2021
  • June 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • January 2020
  • December 2019
  • November 2019
  • October 2019
  • September 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • November 2018
  • October 2018
  • September 2018
  • August 2018
  • July 2018
  • June 2018
  • May 2018
  • April 2018
  • March 2018
  • February 2018
  • January 2018
  • December 2017
  • November 2017
  • October 2017
  • September 2017
  • July 2017
  • June 2017
  • May 2017
  • April 2017
  • March 2017
  • October 2016

Copyright © 2022 · Milan Pro on Genesis Framework · WordPress · Log in