NAVA warns about four security errors e-commerce businesses must avoid during Black Friday

Last Friday of this month marks Black Friday, a period characterized by promotions, but also by a considerable increase in fraud and scams. According to the 2024 Brazilian Public Security Yearbook, virtual fraud crimes could increase by up to 13.6% during this event. While much discussion surrounds how consumers can protect themselves from attacks, there are also strategies e-commerce businesses can adopt to prevent criminals from exploiting their information. 

The increase in online traffic and transactions during Black Friday puts e-commerce businesses at risk. To help companies prepare, NAVA Technology for Business shares four mistakes e-commerce businesses should be aware of to increase security during Black Friday.

1- Fragile technology infrastructure: Many websites are not prepared to handle the high volume of traffic. It is crucial to review all infrastructure elements, especially communication links, to ensure the stability of the digital environment.

2- Data security limited to Black Friday: Security must be an ongoing process, integrated into corporate governance, and not just a concern during a specific time of year, like Black Friday. Companies that invest in secure development, test, and implement robust security practices in their technology environment, whether cloud-based or on-premises, throughout the year will be better prepared to handle traffic spikes and threats.

3-Lack of Zero Trust concept: Traditional security controls may be insufficient for today's environment. Implementing a Zero Trust approach – which continuously validates users and devices – helps protect the digital environment more comprehensively.

4- Lack of team training: It is vital that e-commerce operations teams receive training throughout the year. Prepared professionals are better able to identify and resolve problems more efficiently during Black Friday.

Fraud Prevention

Beyond the aforementioned checks, companies need to adopt specific technical precautions in the virtual environment. Cloud-based e-commerce businesses must follow practices ensuring security and compliance, starting with defining security responsibilities, separating controls that fall to the cloud provider from those of the company itself. "Adherence to security standards, such as those of the Cloud Security Alliance (CSA), is also necessary to protect data and transactions. Regular reviews are recommended to ensure all security controls are correctly implemented and functioning with a high degree of reliability," says Edison Fontes, Chief Information Security Officer (CISO) of NAVA.

The executive also warns about the threat of increased AI use by cybercriminals. While AI can be an ally for businesses, organized crime is also using it for more complex attacks. The speed and volume of data that AI allows to be processed are exploited to increase the number and complexity of intrusion attempts. "Anticipating these threats involves investing in AI Monitoring that identifies suspicious behaviors that may indicate malicious AI use," the expert adds.