The holidays are just around the corner, and with it comes the inevitable holiday shopping rush. In fact, holiday shopping can account for up to 30 percent of annual sales for online retailers.  As Black Friday kicks off what is expected to be another lucrative online holiday season, there are vast opportunities for cybercriminals to steal shopper’s information through spoofed websites, malicious coupon code links, and phishy marketing campaigns. Any downtime resulting from an attack can severely impact holiday profits, not to mention annual revenue. This time of year, it’s more important than ever that ecommerce businesses make cybersecurity a top priority in order to protect their website, customers, and bottom line.

Additionally, consumers should be aware of the risks that exist online to defend their information proactively. Being cyber-aware while shopping online is the new reality for consumers, and it becomes even more imperative during the holiday season. 

Holiday Shopping Revenue Reaches New Heights

For most ecommerce businesses, especially smaller ones, Black Friday jumpstarts the ultimate money-making time of year. In fact, the National Retail Federation (NRF) forecasts holiday sales will grow to between $727.9 billion and $730.7 billion in 2019.  As holiday shopping revenue reaches new heights, the number of internet shoppers continues to grow as well, with 55 percent of all holiday gift purchases now occurring online.

The online shopping trend is not going away anytime soon. Digital shopping offers the convenience, exclusive deals, and an abundance of options that brick and mortar businesses can’t compete against. With this continued uptick in predicted spend, ecommerce retailers need to place a stronger emphasis on cybersecurity than ever before.

The Damage of a Black Friday Breach is Far-reaching

In preparation for Black Friday, online retailers are likely stocking up on merchandise to fulfill the influx of orders. Unfortunately, it only takes one breach to wreck the holiday cash flow for your business. According to recent SiteLock research, 56 percent of consumers said they would wait longer than one month to shop again on a retailer’s website that compromised their information. That means if a retailer is breached on Black Friday, shoppers won’t be ready to return until after Christmas — sacrificing most of this season’s profits.

When it comes to cyberattacks – no brand is immune – regardless of business size. In fact, 39 percent of consumers are unlikely to shop at a bigger, popular brand if that retailer compromised their information. Since these bigger brands typically have the deep pockets and resources to bounce back quickly, the impact usually isn’t as significant. However, if a smaller, lesser-known online retailer experiences a breach, a whopping 42 percent of consumers are unlikely to shop on their website again. This can have serious consequences for those small businesses, including damage to their brand and reputation, decreased revenue, and lost customers. Since 48 percent of consumers do not believe small online retailers properly store their data online in the first place, it would take a holiday miracle to restore your customers’ confidence after a breach.

Securing the Online Shopping Experience

Ecommerce retailers depend on their customers for success and profitability during the holiday shopping season. If customers do not feel confident shopping on your site, it could cause serious damage to your holiday revenue. In fact, 66% of consumers are concerned about their personal data being stolen as a result of shopping online.

So, what can small ecommerce businesses and consumers do to help protect themselves and ensure a safe and profitable holiday season?

Here are our tips for small businesses to be proactive about cybersecurity ahead of the holidays:

  • Clean house – Be sure to review your systems and web applications regularly to ensure they are updated. You should also remove any applications you are not using as an added security measure. This helps keep all your business systems malware- and infection-free.
  • Don’t store it if you don’t need it – Your business should remove any sensitive customer data such as credit card and bank account information that’s not essential to your business. Even better, avoid storing this confidential information in the first place to protect yourself and your customers from bad actors.
  • Reassure shoppers – Small retailers should ensure they are using a secure shopping cart and an SSL to encrypt data, such as credit card details. Additionally, displaying a security trust badge, which verifies the website has been tested regularly and been cleared for vulnerabilities and malware, is an excellent addition to instill customer confidence in your website.

Consumers should also be hyper-aware when it comes to protecting their personal information when shopping online. Here are our tips for consumers to ensure a safe and secure online shopping experience this holiday season:

  • Monitor your credit – Check your credit card statements and credit score for discrepancies or unusual activity. If you notice anything out of the ordinary, contact your bank immediately.
  • Use secure networks – Only complete online transactions when you are connected to a secure Wi-Fi connection. Or, you can secure your connection with a virtual private network (VPN). Do not purchase gifts or share personal information on a public or unprotected network. That means no holiday shopping at your favorite coffeehouse unless your connection is secured with a VPN.
  • Defend your data – Before sharing any confidential information, confirm that you are shopping on a secure website. Look for the “https” at the beginning of web addresses or the closed padlock to signify an encrypted website.
  • Update your information – Changing online store passwords regularly will help protect your information from bad actors. Also, make it your new best practice never to save payment information online.

Other Holiday Shopping Scams Consumers Should Know

Cybersecurity threats are not only increasing; they are becoming more difficult to spot. This is especially true during the holidays when consumers are often flooded by numerous online deals and special offers that appear too good to be true. If you want to be a security-savvy consumer, you need to be aware of these risks and become extra vigilant to protect yourself against them:

  • Phishing scams – Be wary of scam emails promoting deals that are too good to be true or requesting you to open attachments or follow links. Phishing links or malicious attachments are often hidden in seemingly innocent emails. If you are unsure, delete it!
  • Fake shopping apps – Consumers may see a new shopping app claiming to offer huge discounts on name-brand merchandise. To ensure a secure shopping experience, you can download the app directly from a retailer’s website, verify the retailer created the app before you download it from the app store, or shop via a retailer’s mobile-optimized website. 
  • Cloned websites – Bad actors can easily clone a website to resemble your favorite online stores. They will likely send you a link via email asking you to input your login information, then quickly redirect you to the real website. You should not click a link from an unsolicited email that takes you to a website and asks for your confidential information.

By focusing on cybersecurity best practices and taking proper security precautions, ecommerce businesses can help safeguard their customers, protect their profits, and ensure ongoing success in the New Year!

Here are more interesting findings from our 2019 consumer research:

  • 53% of shoppers who said they are very likely to return to a large retailer after a breach, said they’d do the same for a small retailer.
  • 50% more millennials experienced a retail breach than their boomer parents.
  • Gen Z are twice as likely to return to a retailer than Boomers.
  • 72% of Gen Z shoppers say all online retailers are doing enough to protect their personal information. 54% of Millennials, Gen X, and Boomers share a similar sentiment.

Monique Becenti is a product and channel marketing specialist at SiteLock, a cloud-based website security provider currently protecting more than 12 million websites globally. Monique is passionate about improving the customer experience for all. SiteLock’s combination of dedicated research and developmental efforts, aggressive product road maps, and access to a massive global data set make the company a leading innovator in web security.