The Brazilian e-commerce is expected to generate more than 234.9 million reais in 2025, according to ABComm, representing a 15% increase compared to last year. The growth of sales in the digital environment also attracts the attention of cybercriminals, who refine their practices against retailers and consumers in order to steal and hijack data, bring down virtual stores, or defraud promotions in emails, messages, and fake websites.
In addition to the negative impact on consumers, an attacked or cloned virtual store can bring financial losses and harm the brand’s reputation. Faced with the possibility of scams, the specialist Eduardo Gonçales, CISO of TIVIT, a Brazilian multinational that connects technology for a better world, lists some precautions for retailers to sell without headaches:
Ensure availability – The stability of the site is essential for the operation to function properly even during periods of increased traffic, thus avoiding the store from ceasing to sell due to technical problems. In addition to investing in technological infrastructure and security solutions, protection against so-called Distributed Denial of Service (DDoS) attacks, which aim to direct a much higher volume of simultaneous accesses than normal to a specific address until it becomes congested and unavailable, is essential.
Explore a web – Include threat intelligence or brand monitoring routines in your processes to search for mentions about the company and its executives in forums on different layers of the internet, including the dark web and deep web, where all kinds of attacks are ordered and orchestrated. With this type of scan, it is possible to detect plans to redirect traffic from your site to fake internet pages or social media, avoiding improper or fraudulent sale of products with your brand.
Raise awareness among employees to protect their data – Market research indicates that the main entryways for malwares used in phishing and ransomware attacks, which encrypt data in exchange for a ransom, are the employees themselves. Often, due to lack of knowledge, there is carelessness when dealing with suspicious emails, connecting USB devices, accessing compromised websites, or using software with vulnerabilities. With remote work, the use of personal devices connected to the corporate network has also increased. In addition to technology and processes, raising awareness among people is one of the essential pillars to ensure data security and avoid operational disruption.
Realize backup and validate its integrity – In order to minimize the risks of service interruption and ensure that data can be quickly and easily recovered, it is very important to have a consistent backup system, tested periodically to validate its content and integrity since many attacks start by compromising the backup and then impact the production environment. Additionally, it is essential to have documentation with a catalog of all servers and ensure the data recovery order in the event of a disaster, reducing data recovery time.
Validate your code repositories – A massive infection campaign in e-commerce stores is underway with the name Hubberstore, the attack occurs from a malicious JavaScript code used for personal data and credit card information extraction.
The recommendations in this case are as follows:
- Keep systems updated, including operating systems, services, and frameworks used on the sites.
- Periodically review the codes in your repository and production environment, seeking to identify possible injections of malicious artifacts.
- Follow best practices for secure development, a good reference is OWASP.
- Analyze logs and audit trails, preferably using a log correlation system (SIEM), in order to identify attempts to exploit vulnerabilities.
- Implement a multi-factor security solution (MFA) in key entry points and in your main code development environments like repositories and CI/CD solutions (continuous integration and delivery).
Control and limit access to information – Ensure that users have the least privilege and restrict access to those who really need it, ensuring their regular review and recertification. Implementing network segmentation minimizes the risk of an attack spreading rapidly and uncontrollably, avoiding significant impact and financial loss, and finally, use a password vault solution to enhance security for privileged access.
