
The daily number of attacks on online shopping sites this December has more than doubled compared with the same month in 2023, cybersecurity companies told Izvestia. This year the growth in web attacks began at the very start of December, whereas previously it came only in the last week of the year. Most often, attackers use DDoS, bot activity aimed at lowering a store's search ranking, and "abandoned cart" attacks. Retailers should strengthen their information security, experts warn, because the closer to the New Year, the more intense the attacks will be.

Hackers vs. retail

In the first half of December 2024, a significant increase in the number of web attacks on online retail companies was recorded, cybersecurity companies told Izvestia.

- On December 1, there was a sharp surge of web attacks on online retailers' sites, up to 453 thousand per day, - said Alexey Pashkov, head of WAF and Anti-DoS areas at Solar Group. - It should be noted separately that the daily number of attacks on websites in December this year more than doubled the figures for December 31, 2023, during the New Year's Eve sales.

The specialist emphasized that the increase in web attacks last December did not start until the end of the month.

Luca Safonov, technical director of Garda WAF, confirmed the increase in the intensity of attacks. He attributed it to more active fraudsters, competition between rivals, and geopolitical reasons and factors.

Online shopping
Photo: TASS/Zuma

- The number of fraudsters and the variety of attacks are growing exponentially, increasing every year, - said the expert. - But the success rate of attacks is decreasing.

According to Kaspersky DDoS Protection, the number of attacks on protected e-commerce resources increased by 21% in the fourth quarter of 2024 compared to the third quarter of 2023.

- We expect the onslaught of attackers to intensify, especially in the last days of December, when the legitimate load increases due to New Year sales and the population's preparation for the upcoming holidays and weekends, - believes Vyacheslav Kirillov, an expert at Kaspersky DDoS Protection.

In mid-December, compared to December 2023, the number of attacks, according to his data, increased by 16%.

A girl working at a computer
Photo: Izvestia/Eduard Kornienko

Servicepipe (specializing in information security and protection of online resources from DDoS, bots and targeted attacks) also recorded a sharp spike in malicious activity on online retailers' resources, but starting from December 8.

- On average across the industry, the number of bot requests the company has blocked since this date is four times higher than the average number of blockings for a period of the same length during the year, and more than 40% higher than in the same period last year, - said Anton Chemyakin, head of the company's analytical department.

On average, he said, 480-500 million bot requests are blocked per day.

How stores are attacked

Vyacheslav Kirillov said that the most typical type of attack for e-commerce is attacks at the application level carried out using botnets.

Bot attacks in the industry, namely scraping (parsing), often serve as a kind of competitive tool: retailers simply look at each other's prices and download catalogs, said Anton Chemyakin.

- At the same time, even scraping of unprotected resources may well lead to services becoming unavailable, - he warned.

With the start of the pre-New Year shopping frenzy, DDoS attacks have intensified, the expert noted. For instance, one client of the cybersecurity company faced an attack that peaked at 46.5 million requests per minute. At another online store, the attack lasted about 120 hours with an average intensity of 500 thousand requests per minute.

A hacker at a computer
Photo: IZVESTIA/Sergey Lantyukhov

Luca Safonov added that hackers are also actively using DDoS, bot activity aimed at lowering search rankings, "abandoned cart" attacks (depleting the stock of goods through multiple "abandoned" or fake orders), fraud (use of fake accounts to cash in on marketing promotions and steal customers' bank card data), password spraying (an attacker tries commonly used passwords against many accounts in order to gain access to some of them), and classic web application attacks.
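Password spraying, as described above, is the mirror image of brute force: few attempts per account, many accounts per source, so per-account lockout never fires and only a per-source view reveals it. The following detection logic is an added illustration written for this article; it is not code from Izvestia or from any of the companies quoted. It assumes a simple key=value login-audit format and uses constructed log lines, not real data.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample of login-audit lines (not real data): one source address
# tries a common password against many different accounts, one failure each,
# while a legitimate user mistypes their own password twice and then succeeds.
SAMPLE_AUTH_LOG = """\
2024-12-15T10:00:01 src=203.0.113.7 user=anna result=FAIL
2024-12-15T10:00:04 src=203.0.113.7 user=boris result=FAIL
2024-12-15T10:00:07 src=203.0.113.7 user=carol result=FAIL
2024-12-15T10:00:10 src=203.0.113.7 user=dmitry result=FAIL
2024-12-15T10:00:13 src=203.0.113.7 user=elena result=FAIL
2024-12-15T10:00:16 src=203.0.113.7 user=fedor result=FAIL
2024-12-15T10:00:19 src=203.0.113.7 user=galina result=SUCCESS
2024-12-15T10:01:00 src=198.51.100.20 user=ivan result=FAIL
2024-12-15T10:01:20 src=198.51.100.20 user=ivan result=FAIL
2024-12-15T10:01:45 src=198.51.100.20 user=ivan result=SUCCESS
"""


def parse_line(line):
    """Parse '<iso timestamp> key=value ...' into a dict (assumed log format)."""
    ts_text, *fields = line.split()
    rec = dict(f.split("=", 1) for f in fields)
    rec["ts"] = datetime.fromisoformat(ts_text)
    return rec


def detect_password_spraying(log_text, min_accounts=5, window=timedelta(minutes=10)):
    """Return {source: sorted accounts} for every source whose failed logins
    touched at least `min_accounts` distinct accounts inside a sliding window.

    A user who fails repeatedly on one account never trips this rule, because
    the count is of distinct accounts per source, not attempts per account.
    """
    recent = defaultdict(deque)  # src -> deque of (timestamp, user) failures in window
    flagged = {}
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec["result"] != "FAIL":
            continue
        q = recent[rec["src"]]
        q.append((rec["ts"], rec["user"]))
        while q and rec["ts"] - q[0][0] > window:
            q.popleft()  # drop failures that fell out of the window
        users = {u for _, u in q}
        if len(users) >= min_accounts:
            flagged[rec["src"]] = sorted(users)
    return flagged


def accounts_to_reset(log_text, flagged):
    """Accounts that a flagged source logged into successfully: the spray
    found a working password there, so those credentials must be reset."""
    hits = set()
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec["src"] in flagged and rec["result"] == "SUCCESS":
            hits.add(rec["user"])
    return sorted(hits)


if __name__ == "__main__":
    found = detect_password_spraying(SAMPLE_AUTH_LOG)
    print("spraying sources:", found)
    print("accounts to reset:", accounts_to_reset(SAMPLE_AUTH_LOG, found))
```

The threshold and window are deliberately parameters: on a large store a single NAT gateway can legitimately produce several distinct-account failures per hour, so the values have to be tuned against normal traffic before the rule is allowed to block rather than alert.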

This year, hackers decided to attack online stores earlier to deprive businesses of profits and users of their orders, said Alexey Pashkov.

- We strongly recommend that online stores set up application-level protection through a Web Application Firewall, which includes protection from application-level DDoS attacks, from bots and from targeted attacks by hackers, - the expert said.

Server cables in a data center
Photo: IZVESTIA/Sergey Lantyukhov

Web and mobile applications are online retail's most important asset, so adequate protection requires a layered defense of Anti-DDoS, WAF, database protection and monitoring systems, added Luca Safonov.

To keep services running regardless of the time of year and the level of customer activity, online retailers need to deploy solutions that protect against both network-level and application-level attacks, agreed Anton Chemyakin.

- It is important that these solutions implement a flexible approach to traffic filtering that can protect an online store from malicious activity and at the same time will not prevent real customers from shopping, - he emphasized.

A user on a marketplace website
Photo: Izvestia/Mitriy Korotayev

According to the expert, insufficiently flexible anti-attack solutions risk filtering out some legitimate users, for example buyers who come to the site from a foreign IP address. Such protection systems can also "throw out" real buyers from the site if their activity resembles bot activity: 40 products in the cart, endless and disordered roaming around the site for goods of different categories.
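The false-positive risk described above comes from treating cart size or client geography as bot signals. The session classifier below is an added example written for this article, not code from Izvestia or from Servicepipe; it assumes a simple key=value access-log format and runs over constructed traffic for four sessions, including the shopper with 40 items from a foreign address. It demonstrates the "flexible filtering" idea: act only on machine-speed traffic, and even then challenge sessions that show buying intent instead of dropping them.

```python
from collections import defaultdict
from datetime import datetime, timedelta

T0 = datetime(2024, 12, 15, 12, 0, 0)
CATS = ["phones", "toys", "kitchen", "books", "clothing"]


def _session(name, ip, paths, step):
    """Build constructed log lines for one session: `paths` hit every `step`."""
    return [f"{(T0 + step * i).isoformat()} sess={name} ip={ip} path={p}"
            for i, p in enumerate(paths)]


# Constructed access log (not real traffic), four sessions:
SAMPLE_ACCESS_LOG = (
    # shopper-a: buyer on a foreign address, wanders across categories,
    # 40 cart adds spread over ~30 minutes, then checks out
    _session("shopper-a", "203.0.113.50",
             [f"/catalog/{CATS[i % 5]}/item-{i}" if i % 2 == 0 else f"/cart/add?item={i}"
              for i in range(80)] + ["/checkout"], timedelta(seconds=22))
    # scraper-b: 600 listing pages in one minute, never touches the cart
    + _session("scraper-b", "198.51.100.9",
               [f"/catalog/{CATS[i % 5]}/item-{i}" for i in range(600)],
               timedelta(milliseconds=100))
    # shopper-c: quick two-item purchase
    + _session("shopper-c", "192.0.2.77",
               ["/catalog/toys", "/catalog/toys/item-3", "/cart/add?item=3",
                "/catalog/books/item-9", "/cart/add?item=9", "/checkout"],
               timedelta(minutes=1))
    # bulk-buyer-d: machine-speed but transactional (e.g. a procurement script)
    + _session("bulk-buyer-d", "192.0.2.80",
               [f"/cart/add?item={i}" if i % 2 else f"/catalog/kitchen/item-{i}"
                for i in range(200)], timedelta(milliseconds=300))
)


def _parse(line):
    """Parse '<iso timestamp> key=value ...' into a dict (assumed log format)."""
    ts_text, *fields = line.split()
    rec = dict(f.split("=", 1) for f in fields)
    rec["ts"] = datetime.fromisoformat(ts_text)
    return rec


def session_profiles(lines):
    """Per-session counters: request rate plus signs of buying intent."""
    prof = defaultdict(lambda: {"first": None, "last": None,
                                "requests": 0, "cart": 0, "checkout": 0})
    for line in lines:
        r = _parse(line)
        p = prof[r["sess"]]
        p["first"] = r["ts"] if p["first"] is None else min(p["first"], r["ts"])
        p["last"] = r["ts"] if p["last"] is None else max(p["last"], r["ts"])
        p["requests"] += 1
        if r["path"].startswith("/cart/"):
            p["cart"] += 1
        elif r["path"].startswith("/checkout"):
            p["checkout"] += 1
    for p in prof.values():
        minutes = max((p["last"] - p["first"]).total_seconds() / 60, 1 / 60)
        p["rate"] = p["requests"] / minutes  # requests per minute over the session
    return prof


def decide(p, rate_limit=120.0):
    """Return 'allow', 'challenge' or 'block' for one session profile.

    Cart size and client geography are deliberately not inputs: a 40-item
    cart from a foreign address is a customer, not a bot. Only machine-speed
    traffic is acted on, and a fast session that still shows buying intent
    is challenged (CAPTCHA, proof-of-work) rather than dropped.
    """
    if p["rate"] <= rate_limit:
        return "allow"
    if p["cart"] == 0 and p["checkout"] == 0:
        return "block"  # catalog-only at machine speed: scraping or L7 flood
    return "challenge"


def classify_sessions(lines):
    return {name: decide(p) for name, p in session_profiles(lines).items()}


if __name__ == "__main__":
    for name, verdict in classify_sessions(SAMPLE_ACCESS_LOG).items():
        print(f"{name:14} {verdict}")
```

The rate limit of 120 requests per minute is a placeholder; a real deployment derives it from the store's own measured traffic so that the legitimate New Year peak stays below it.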

Ramil Khantimirov, CEO and co-founder of StormWall, confirmed active attacks on retail last year. This year, he said, attackers have become less likely to target the specific companies that withstood attacks in 2023.

- Hackers' interest this year is directed not so much at retail as at cloud and Internet providers, in order to disable the maximum number of victims, - he warned.

How shoppers are being defrauded

Another major problem before the sale season is fraud against buyers, said iTPROTECT information security expert Yevgeniya Galushko.

- Modern marketplaces are completely safe from the point of view of service provision, so most of the schemes come down to getting a person to communicate outside the platform and either tricking them out of their data or forcing them to transfer money to a personal account, allegedly to get a discount or speed up delivery, - she said.

As an example, there are cases when fraudsters exploit the "from abroad" delivery format. Before the New Year, people often buy equipment that is cheaper to bring in from other countries. This is where opportunities for manipulation open up, starting with a request to pay the customs duty yourself or a cancellation of the goods by "mistake" and ending with a move to communication in messengers.

Online store
Photo: Izvestia/Pavel Volkov

- This advice is not a guarantee of safety, but sometimes you can use the marketplace's function to sort reviews, starting the list with the worst, so you can clarify a little whether you are dealing with a fraudster or not, - reminded the expert.

She also named the most popular scammers' schemes. For instance, attackers contact people on behalf of employees of well-known marketplaces and offer them to rate goods in online stores. For this simple task, they promise a reward of over 5 thousand rubles per day. At the first stage, the attackers may even transfer a small advance payment to create an atmosphere of trust. However, they then demand that the user purchase a certain product, promising to return the money with a profit. After that, the victim loses their funds.

Online store
Photo: Izvestia/Eduard Kornienko

- The attackers send SMS messages with notifications about a supposedly delivered gift, - said Yevgeniya Galushko. - To receive it, users are asked to confirm their identity by clicking on the specified link. Such messages look very convincing and can mislead even cautious people; the scheme works best on the eve of holidays, as people expect gifts from relatives, colleagues and partners.

Also before the holidays, fake websites are created offering tickets to various events at attractive prices. The expert warned that fraudulent resources very often look as similar as possible to the original sites and carry New Year symbols.
