- Security TWENTY
- Women in Security
Where does online theft occur most? asks Terry Bishop, VP of technical services at the cyber threat intelligence company RiskIQ.
In many ways, the dark web has caught the imagination of the public as a shadowy realm of terrorists, drug smugglers and assassins. However, when mystique is dropped, the actual dangers the dark web presents to the public are little compared to the attacks that largely originate from the well-trafficked, open web. The problem is one of media romanticism. After all, even the name ‘dark web’ elicits a fascinating portrait of some sort of undercity to the open web, through which criminals do business and establish their bandit territories. As its name implies, the dark web is a subset of the deep web – the entire referenced and unreferenced internet – that is intentionally hidden, either behind credential pages or because content owners have blocked web crawlers from indexing its content.
Although it is true that the dark web is used to market drugs, stolen data, and weapons – and there is no shortage of criminals that make use of its anonymity – it is near impossible for an ordinary internet user to stumble into its realm. Accessing the dark web itself requires adept technological literacy and the use of a specialised Tor browser. Despite the dark web playing the role of the proverbial dark alley in the public imagination – where the unsuspecting internet user may be mugged by a cybercriminal – internet users are far more likely to encounter theft while perusing official, ‘safe’ corporate domains.
For example, when it comes to card skimming – conducted by shadowy cybercriminal groups such as Magecart – customer data is stolen when they use official websites. In these attacks, malicious skimming code is inserted by groups such as Magecart intro the fabric of legitimate websites, unbeknownst to owners and visitors alike. This was the case with British Airways in 2018 , where details of 380,000 customer credit card details were stolen. Customers were simply booking flights, with no indication that they were, in fact, being robbed.
With events such as Black Friday and Cyber Monday, the most important dates in the retail calendar, the issue of card skimming cannot be overstated. In fact, skimming solutions are now readily available to all who want to use them , and have recently successfully targeted large retailers, such as international retailer, Claire’s revealed in June 2020. The stakes are raised higher by the fact that the ongoing pandemic has pushed customer interaction online on a mass scale, and thieves will be after a chunk of these increased online sales.
Through the open web, internet users will also be targeted by groups making fraudulent use of official brands to trick them into giving up their information. The problem is again heightened this year, as the influx of traffic towards the web will include many new users, who would have traditionally shopped in brick and mortar establishments. This likely older demographic is vulnerable to be preyed upon through fraudulent apps or nefarious websites that fool them through impersonating widely known brands.
Underlining the issue even before the global pandemic, in 2019, RiskIQ researched cybersecurity attitudes amid online consumers with worrying results. The research found that 75 percent of those surveyed said they would download a shopping-related app if it offered a steep discount. Yet, more than 58 percent of consumers said they do not check who the developer is before downloading an app.
On the web, RiskIQ found that 75 percent of respondents said they would purchase with a retailer they have never shopped with before if they offered a steep discount. These numbers are especially concerning this year, as those shopping online will have less experience. Cybercriminals will know this and ramp up their efforts to defraud unsuspecting buyers accordingly.
The glossy websites corporations create on the open web can hide the dangers that exist for customers when they make purchases online. After all, these websites themselves may be inserted with malicious skimming code, or the customer could be interacting with a well-designed imitation website created to defraud them.
This is not just a problem for consumers, as when a company’s website or brand is co-opted to steal from a customer, the reputational fallout is huge. Buyers will sensibly avoid sites and brands through which others have been victimised in the past. If customer data is stolen – and the company is shown to have been negligent – it may also be hit with a massive GDPR fine for its trouble.
To guard against the threat to their business and to their customers, it is upon companies to have excellent vision into how their online assets exist on the open web; to spot criminal activity before the customer is victimised. And while the dark web will continue to generate media interest, the biggest stories of theft in 2021 will likely take place on the open web and though official websites.