Brazilian e-commerce is expected to move over 234.9 million reais in 2025, according to ABComm, representing a 15% increase compared to last year. The growth in digital sales also attracts the attention of cybercriminals, who refine their practices against retailers and consumers to steal and hijack data, take down online stores, or fraudulently exploit promotions in emails, messages, and fake websites.
Beyond the negative impact on consumers, an attacked or cloned online store can bring financial losses and damage to the brand’s reputation. Given the possibility of scams, expert Eduardo Gonçales, CISO of TIVIT, a Brazilian multinational that connects technology for a better world, lists some precautions for retailers to sell without headaches:
Ensure availability – Site stability is crucial for operations to function fully, even during traffic spikes, preventing the store from losing sales due to technical issues. Besides investing in technological infrastructure and security solutions, protection against so-called denial-of-service (DDoS) attacks is essential. These attacks aim to direct an abnormally high volume of simultaneous traffic to a specific address until it becomes congested and unavailable.
Explore the web – Include in your processes routines of threat intelligence, or brand monitoring, to research mentions of the company and its executives in forums across different layers of the internet, including the dark web and deep web, where all kinds of attacks are commissioned and architected. With this type of scanning, it’s possible to detect plans to redirect traffic from your site to fake pages on the internet or social media, preventing unauthorized or fraudulent sales of products under your brand.
Educate employees to protect their data – Market research indicates that the main entry points for malware used in phishing and ransomwareattacks, which encrypt data in exchange for a ransom, are the employees themselves. Most often, due to lack of knowledge, there is carelessness in handling suspicious emails, connecting USB devices, accessing compromised websites, or using vulnerable software. With remote work, the use of personal devices connected to corporate networks has also increased. Besides technology and processes, employee awareness is one of the essential pillars to ensure data security and avoid operational paralysis.
Perform backups and validate their integrity – To minimize the risks of service interruption and ensure quick and easy data recovery, it’s crucial to have a consistent backup system, periodically tested to validate its content and integrity, as many attacks start by compromising backups before impacting production environments. Additionally, it’s essential to maintain documentation cataloging all servers and establish a data recovery sequence in case of disaster, reducing data recovery time.
Validate your code repositories – A massive infection campaign targeting e-commerce stores is underway under the name Hubberstore, where the attack originates from malicious JavaScript code used to extract personal and credit card data.
The recommendations in this case are as follows:
- Keep systems updated, including operating systems, services, and frameworks used on websites.
- Periodically review the code in your repository and production environment to identify potential injections of malicious artifacts.
- Follow secure development best practices—a good reference is OWASP.
- Analyze logs and audit trails, preferably using a correlation system logs(SIEM), to identify vulnerability exploitation attempts.
- Implement multi-factor authentication (MFA) at key entry points and in your main code development environments, such as repositories and CI/CD (continuous integration and delivery) solutions.
Control and restrict access to information – Ensure users have minimal privileges and restrict access to those who truly need it, with periodic reviews and recertification. Implementing network segmentation minimizes the risk of an attack spreading rapidly and uncontrollably, preventing major financial impact and losses. Finally, use a password vault solution to enhance security for privileged access.
