Online retailers will need to remain as resilient as possible to combat increasing cyber crime in the wake of a pandemic surge in online shopping, according to David Emm, senior security researcher at cybersecurity provider Kaspersky, on this episode of The Insuring Cyber Podcast.
“We hear all the time about attackers managing to break into company systems and steal information, so the onus is on [e-retailers] really to make sure that they are as resilient as possible,” he said.
A 2022 research report from Kaspersky, titled “The Cyber Risks of Last-Minute Holiday Deal-Seeking,” shows that holiday shoppers faced a laundry list of cyber risks in 2022, and Emm said that is likely to continue this year. Banking Trojan attacks, a form of malware used to steal payment data, nearly doubled last year compared to the year before. In the meantime, phishing attacks, fake online stores and other scams are still frequently targeting online shoppers.
To learn about how these threats might affect specific groups of shoppers differently, Kaspersky surveyed 2,000 American adults from Oct. 20-24 last year about their online shopping and security habits. Thirty-eight percent of all respondents said they’ve had credit or debit card details stolen and used fraudulently in the past.
“The pandemic really gave a big impetus to online shopping because, of course, at various times over the two years when it was at its peak, people really didn’t want to go out,” Emm said. “Because there was a big push toward online transactions, this gave more scope to attackers, because suddenly they had a bigger pool of potential victims that they could ensnare.”
James Moore, entrepreneur and co-founder of InsurTech platform PorchPals, said later on this episode that he observed an opposite trend with the physical risks of online shopping, such as package theft. PorchPals is a platform that provides insurance for package theft through its PorchCare product. Alongside his co-founder, NFL cornerback Adoree’ Jackson, PorchPals debuted its package protection service in California and has plans to expand nationally this year.
“It’s interesting because during [the COVID-19 shutdowns, package theft] actually dipped a little bit,” he said. “We were all waiting on our packages to arrive. It was like the excitement of the day, you know. We couldn’t really go out.”
However, since then, package thefts are back up and growing. 2022’s fifth annual package theft report released by Safewise in partnership with Vivint Smart Home found that three in four Americans have had a delivery stolen from their home. The report noted that around 260 million packages disappeared from porches across America throughout 2022, based on its latest survey of 1,000 Americans, which is 50 million more packages that were stolen compared to 2021’s results.
“Since we’ve opened back up and people started traveling again, it’s just taken off,” Moore said. “The theft has become more rampant, partly driven by some economic conditions here in the states with inflation.”
With this in mind, Moore said consumers can sign up for PorchPals’ PorchCare product online for the cost of $120 annually or $15 monthly.
“You are covered for an unlimited amount of package that hit your porch, but we do limit our members’ claims to three claims per year with a $2,000 aggregate,” he said. “And that’s based on a lot of research that we did during the discovery process.”
Inflation isn’t just affecting physical theft, either. Emm said it has also caused consumers to be more susceptible to data theft and cyber attacks in some cases while online shopping. In fact, Kaspersky’s survey found that almost one in five – or 18 percent – of respondents said inflationary pressures would make them more willing to shop on a site that strikes them as sketchy, if the offer is good enough.
“What these people who are fishing for information are trying to do is to catch us off guard, because at the end of the day, nobody, when they’re thinking rationally, is likely to click on some of these links,” he said. “But what they’re trying to do is to make sure that we’re not thinking rationally. So, you know, it’s an offer that looks really good and it’s time limited. Or they’re doing it at a particular point in the year when they know everybody’s really busy. Or they’re picking up on some topical issue, and it could be a natural disaster, it could be a war, or it could be something like Valentine’s Day — something which is going to evoke an emotional response from us rather than a rational one.”
Emm said the key to avoid falling victim in these situations is to always think twice.
“They always say when you’re doing DIY projects to measure twice, cut once,” he said. “It’s the same with this. Think twice about something before you actually go to the site. Is it too good to be true? Is that the URL you’ve typed in yourself or one you’ve just clicked on? Can you find reference to that offer on the site? Is it legitimate?”
For e-commerce sites, it’s equally important to use extra caution in order to take care of their consumers, he added.
“E-commerce sites need to make sure that they secure all of the computers within their network with a reputable solution and to make sure that they themselves remain aware of what the threat landscape looks like,” he said. “It may well be that this involves talking to companies that can provide detailed threat intelligence, which explains to them what the potential risks are in their particular sector. I think it’s about being aware of the value of the information they hold about their customers and securing all of their endpoints.”
When it comes to physical theft, Moore echoed that taking care of consumers is at the front of his mind with the PorchPals platform.
“I feel like where we sit in the value stack is that while we can’t stop individuals from stealing packages off of your porch, we hope to provide a solution that will at least allow you to recover the value of the things that were lost to you in the theft and, through that journey and process, to make it a lot easier for you to recover your dollars lost,” he said. “Honestly, if it’s one member or a million, my sole focus right now is to make sure that we take care of our members no matter what.”
Check out the rest of this episode to hear what else Emm and Moore had to say, and be sure to check back for new episodes of this podcast publishing every other Wednesday along with the Insuring Cyber newsletter. Thanks for listening.