Netskope Threat Labs has released a report warning the retail sector to be vigilant that, unlike other industries where Microsoft OneDrive is both the most popular app used and the most popular app for malware downloads, Google apps are the main conduit for malware in retail.
While OneDrive is the most popular app used in retail, Google Drive and Google Gmail took the top two spots for malware delivery in the sector. Trojans are the primary attack mechanism, tricking retail users into downloading other malware payloads. Many of the malware families aim to steal banking information, credentials, personal info and credit card information.
The popularity of WhatsApp is also well above the other sectors – on average, WhatsApp use in retail is three times more popular in retail than other verticals, ranking only behind OneDrive in terms of both uploads and downloads. This poses a serious risk not only because WhatsApp is a common delivery channel for malicious content such as malware or phishing pages, but also because these numbers suggest that the retail sector is using a personal instant messaging app as an enterprise collaboration tool, increasing the risk of data theft or data exposure – a WhatsApp message can be easily forwarded for example.
“Attackers abuse cloud apps to fly under the radar and evade traditional security controls that do not inspect cloud traffic,” advises Ray Canzanese, Director of Netskope Threat Labs. “As the holiday shopping season approaches, retail employees and consumers must both be extra vigilant, as phishing, credential theft, and malware activity related to retail tends to increase at the end of the year.”
While the frequency of cloud malware delivery in retail generally follows the pattern of other industries over the past 12 months, peak times – such as April, May and June this year – showed a comparatively high number of malware being delivered via cloud apps in retail. In April, for example, 70% of the malware delivered to retail were via cloud apps – 10% more than other industries.
The report finds that Google Drive, Google Gmail, and WhatsApp are among the top five most popular apps for downloads in retail – and all three are significantly more popular than they are in other industries:
- Google Drive is used by 34% of retail users vs 19% in other industries
- Gmail is used by 21% of retail users vs 13% in other industries
- WhatsApp is used by 17% of retail users vs 5.9% in other industries, making it more popular than Sharepoint
Netskope Threat Labs therefore recommends retail organizations take the following steps to review their security posture:
- Conduct thorough inspection of HTTP and HTTPS downloads to prevent malware infiltration.
- In-depth analysis of high-risk file types before download, leveraging advanced threat protection.
- Configure policies to block unnecessary app downloads and uploads, reducing the risk surface.
- Implement an Intrusion Prevention System (IPS) to identify and block malicious traffic patterns.
- Adopt Remote Browser Isolation (RBI) technology for enhanced protection during website visits.
5 comments
Make your online presence unforgettable with Flickerlink’s AI image generation and QR codes.
I have read some excellent stuff here. Definitely value bookmarking for revisiting. I wonder how much effort you put to make the sort of excellent informative website.
I was suggested this web site by my cousin. I’m not sure whether this post is written by him as no one else know such detailed about my trouble. You are incredible! Thanks!
Wow, superb weblog format! How lengthy have you
been blogging for? you made blogging look easy.
The entire look of your web site is magnificent, as well as the content!
You can see similar here sklep internetowy
Hello! Do you know if they make any plugins
to help with SEO? I’m trying to get my blog to rank for some targeted keywords but I’m not seeing very good
success. If you know of any please share. Cheers!
You can read similar text here: E-commerce