With Christmas fast approaching, retailers are hustling to respond to customer enquiries, organise delivery orders and boost sales while customers bend over backwards to get the best gifts at the best price. In this mad rush there is ample opportunity for cyber criminals to take advantage of distracted employees and unsuspecting customers. Which is why its crucial retailers take actions like the below to protect both employees and customers against the increasing threat of phishing. 

Prioritise employee cybersecurity education

Phishing attacks continue to grow in popularity because, unfortunately, they work. Cyber criminals are experts in weaponising the simple act of clicking and employing social engineering tactics to wreak havoc on businesses and consumers alike. They’ve gotten so convincing now that is hard to tell them apart from legitimate emails with real documents and invoices. It’s an issue as old as the computer – getting users to not click on things they shouldn’t.    

While it may seem logical to not click on links from people you don’t know, a timely report recently found 61 per cent of Australian workers click on emails from unknown senders regularly. If employees are not educated about what modern phishing threats look like, they can’t be expected to effectively identify or defend against them. Which is why retail employers should commit to running regular phishing simulations and making sure all employees know how and where to report suspicious messages.

While it does take time to learn and integrate cybersecurity awareness training into day-to-day routines, there are simple steps, like using unique passwords for all logins and never enabling macros from a document, that can keep all online users safe this Christmas and beyond.

Secure customer data through smart tech investments

Along with increasing education and cyber awareness, retailers can invest smartly in cybersecurity software to help protect business continuity when it matters most during peak online shopping seasons like the holidays.

Additionally, the pandemic and now-abundant remote workforce has raised some issues with cyber hygiene habits. Speaking locally, the report states that around 1 in 4 Australian workers will use their personal devices for work-related tasks. This is a big issue since our numbers show that people are twice as likely to be infected using a personal device compared to a corporate-issued machine. This is because the average setup of those personal devices is not adequate. Which is why businesses should select a layered endpoint protection software that can protect against all vectors of attack and invest in a data backup solution to make sure that valuable data isn’t lost even in the event of a breach.

By combining the latest detection, protection, prevention and response technology with consistent training and education, retailers can tackle the people, process and technology combinations needed to successfully mitigate phishing and other attacks.

Promote transparent dialogue with customers

Taking the time to become aware of the latest cyber risks and attacks, like phishing, not only helps retailers eliminate business risks but also provides ROI in the form of building or maintaining brand trust. When customers and employees know cybersecurity is a priority for a business, they can feel more confident that their information is protected and valued. If a phishing attack does occur, retailers should follow the processes of data privacy laws like GDPR and notify customers immediately, along with recommended actions they can take to change passwords, etc.

One way in which customers and retailers can better work together to fight phishing scams is by incentivising customers to report scams they receive about a company directly to that company. When retailers are alerted, they should then promptly notify the wider customer base in a timely manner such as sending an email warning or sharing pertinent details on social media.    

Combatting phishing scams and cybercrime during the height of holiday shopping requires awareness and commitment. Retailers can play a bigger part than usual in keeping employees and customers safe by keeping the above advice and cybersecurity recommendations top of mind this holiday season.

Tyler Moffitt is security analyst at Webroot