Is Your Website & APP Prepared to Stand Hackers on BlackFriday & CyberMonday?
Thanksgiving is around the corner. Customers are all set with their list of products they want to buy during thanksgiving. While the customers are ready with their list, as a website or app owner you must have also taken care of the following:
- Right set of facebook ads to attract more buyers
- Adwords campaign for your product keywords
- Last minute UI changes to your website
- Updating your latest product catalogue
- Floating around coupon codes at various websites
But one thing that you might have overlooked is security. Do you know that the intensity of cyberthreats on blackfriday & cybermonday is the highest during this time of the year. There have been instances where hacks have lead to companies being shut down. In an analysis conducted by securelist, financial phishing increases by 9% during thanksgiving weekend.
Why Prepare for Cyberthreats on BlackFriday & CyberMonday?
- The spike of customers on your shop works for hackers as they can hide in the crowd. Making it difficult for you to keep a track of every transaction
- Hackers need one vulnerability to hack your website, you need to find and fix all
- For hackers to find one loophole in your website is quite easy, a recent survey by Truswave pointed out that 99.7% of the websites have atleast one vulnerability!
- Just like you, hackers also prepare for these days because it’s a money making opportunity for them also
- Because hackers do not ask before hacking
A Few Instances of Hacks we’ve seen in the Past:
- One of the top e-commerce stores selling women merchandize only was targeted by hackers. Every product image on their website was replaced with an image of a frog:
After in-depth analysis it was found that this image had a malicious code appended to it. Hackers leveraged an un-patched vulnerability in Magento.
- Another interesting hack that hackers pulled of was creating legit looking fake pages on a website. These pages had products at super discount on display and payment gateways pointing to their own bank accounts. Since these pages were on the e-commerce website customers trusted, they got excited by the offers and ended up putting their credit card information there.
These Security Measures Aren’t Enough:
To assure that everything goes smooth during thanksgiving sales, basic security measures won’t be sufficient. As an online store owner, you should go one step ahead from the preliminary must-have security measures which include:
- Having a SSL
- Increasing your server resources
- Updating all the plug-ins
- Using latest version of the CMS
- Block open ports not in use
While these measures should be taken into account, an external security testing with focus on business logic flows should be done too. In addition, payment gateway testing is highly recommended.