
Retail Cybercriminals Turn to Credential Harvesting

Retail cybercriminals are shopping for credentials more than credit card details these days, according to a new report from human risk management cybersecurity company KnowBe4.

Cyberattacks in retail are on the rise. Attack frequency rose by 56 percent in 2023 compared to 2022, putting retail in the top five industries targeted by cybercriminals (behind technology, consulting and professional services, financial services, and healthcare). But attackers’ targets are changing.

The Global Retail Report 2025 published on Monday found that credential harvesting has become the predominant cyber threat to retailers, accounting for 38 percent of all compromised data in 2023. Credential harvesting involves capturing sensitive user information—including login details, browser session cookies, payment card details, autofill data, and more. Payment card data theft dropped from 37 percent to 25 percent of all compromised data.

“This trend may be due to increased controls on card usage by banks,” the report said. “In contrast, stolen credentials allow attackers to bypass standard authentication processes and gain immediate access to personal accounts. Access to session cookies, along with login details, enables attackers to bypass passwords and two-factor authentication (2FA).”

What makes retail a frequent target for hackers? The industry has some unique vulnerabilities built into its operations and business model, the report said.

Seasonal events and changes. Holiday sales and back-to-school season often leave retail workforces overextended, resulting in employee turnover and an influx of seasonal employees with limited cybersecurity awareness.

“IT teams may also grow stretched over the season as they deal with new waves of cyber alerts and insufficient time to stay on top of the growing sophistication of methods of attack, creating a ‘perfect storm’ of risk,” the report noted.

Third-party dependencies. Retailers rely on networks of outside vendors for payment processing, logistics, shipping, and other services, and each vendor presents a potential entry point for threat actors.

Multichannel operations. Modern retail involves multiple channels, including online, in-store, mobile, and hybrid shopping models. A vulnerability in any one element can compromise the entire network, the report said.

Franchise vulnerabilities. Semi-autonomous franchises can create inconsistencies in security policy.

“Single franchises may lack resources or knowledge in effective implementation of security practices,” according to the report. “A compromised franchisee can negatively impact the franchisor’s reputation and brand.”

Social engineering and phishing attacks are the methods most frequently used to try to compromise retailers’ systems and gain access to sensitive data or credentials. KnowBe4 research found that the average Phish-prone Percentage (PPP, the percentage of employees who are prone to click on a phishing link in KnowBe4 testing) is 34.3 percent—meaning more than one in three employees are inclined to interact with malicious emails. That percentage increases in large companies with more than 1,000 employees, which have a PPP of 42.4 percent.

After a year of education and simulated phishing tests, these rates improve notably, reducing to 18.3 percent in large companies. In retail and wholesale companies with sustained training, the average PPP dropped to right around 5 percent.

Source: ASIS Online

Image: Freepik
