It’s that time of the year again! Time for family, gifts, excessive eating, and … cybercrime.

In our Holiday Edition of the GTIC Monthly Threat Report, NTT Security analysts focus on several topics aimed at helping you to safely navigate this holiday shopping season.

First, NTT Security analysts take a look into the broader topic of keeping your online finances in tact this holiday shopping season (at least from a security standpoint; sorry, we can’t control your spending!). With what was record-breaking spending over the Black Friday through Cyber Monday weekend – and beyond – data theft via online cyber crime may also be at an all-time high.

Magecart, a collective of unrelated groups which skim credit card data from infected websites, is just one of the threats consumers face. During 2018, over 319,000 instances were observed – 90,000 of which were from August through October, alone – and that number is sure to rise, given its success 

And NTT Security threat researchers noted that Apache Struts vulnerabilities are again high on attackers’ wish lists, as retailers are being heavily targeted, with 58% of all attacks attempting to leverage Apache Struts vulnerabilities. Overall, application-specific attacks accounted for 68% of all attacks against retail clients in November, particularly targeting public-facing servers.

Internet of Things (IoT) devices continue to be heavily targeted – especially since default login credentials are available for exploitation. If there is ONE POINT to hammer into users’ security strategies it is this: CHANGE YOUR DEFAULT LOGINS AND PASSWORDS – not only on IoT devices, but on common network devices like routers. In addition to preventing access to your home and business networks, securing IoT devices can help to prevent IoT botnets, which could be used to launch further attacks.

Many preventative practices are common sense, while others may be less obvious. Consumers and clients are urged to consider mitigation and security-related recommendations in this month’s GTIC Monthly Threat Report – it could save your holiday!