On the last Friday of this month, Black Friday takes place, a period characterized by promotions, but also due to a considerable increase in frauds and scams. According to the Brazilian Yearbook of Public Security 2024, virtual fraud crimes can increase by up to 13,6% during this event. While much is discussed about how consumers can protect themselves against attacks, there are also strategies that e-commerce businesses can adopt to prevent criminals from taking advantage of their information.
The increase in traffic and online transactions during Black Friday puts e-commerce at risk. To help companies prepare, NAVA Technology for Business shares four mistakes that e-commerce businesses should pay attention to in order to increase security during Black Friday
1- Fragile technology infrastructureMany websites are not prepared to handle the high volume of traffic. It is essential to review all elements of the infrastructure, especially communication links, to ensure the stability of the digital environment
2- Data security limited to Black Fridaysecurity must be a continuous process, integrated into corporate governance and not just a concern at a specific time of the year, like the case of Black Friday. Companies that invest in secure development, we test and implement robust security practices in the technology environment, whether in the cloud or local, throughout the year they will be better prepared to face traffic peaks and threats
3-Lack of the Zero Trust concept:traditional security controls may be insufficient for the current scenario. Implement a Zero Trust approach – that continuously validates users and devices – helps to protect the digital environment more comprehensively
4- Lack of team trainingIt is vital that the teams responsible for the e-commerce operation are trained throughout the year. Prepared professionals are able to identify and solve problems more efficiently during the Black Friday period
Fraud Protection
In addition to the mentioned checks, companies need to adopt specific technical precautions in the virtual environment. Cloud e-commerce must follow practices that ensure security and compliance, starting with the definition of security responsibilities, separating the controls that belong to the cloud provider from those of the company itself. "Adherence to safety standards", like those from the Cloud Security Alliance (CSA), it is also necessary to protect data and transactions. Regular reviews are recommended to ensure that all security controls are properly implemented and functioning with a high degree of reliability, affirms Edison Fontes, Chief Information Security Officer (CISO) of NAVA
The executive also warns about the threat of increased use of Artificial Intelligence by cybercriminals. Although AI can be an ally for companies, organized crime also uses it for more complex attacks. The speed and volume of data that AI allows to be processed are exploited to increase the number and complexity of intrusion attempts. "Anticipating these threats involves investment in AI Monitoring that identifies suspicious behaviors that may indicate malicious use of AI", completes the specialist
