Which Cyber Threats Will The Retail and Hospitality Industry Face This Holiday Season?

New report predicts social engineering, ransomware, Scattered Spider threat actor activity will be among primary threats during the 2024 holiday season.

Holiday Season Cyber Threats
(Image: Adobe Stock / Generated with AI by alisaaa)

Fraud and ransomware are expected to plague the threat landscape facing retailers, hospitality, and travel businesses during their busiest season, according to a new Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) report. The annual Holiday Season Cyber Threat Trends report predicts that social engineering, ransomware, and activity from the Scattered Spider threat actor will be primary threats to retail and hospitality organizations during the 2024 holiday season.

The report also notes that social engineering attacks have increased in sophistication this year, and companies are reporting an increase in imposter websites, product-focused phishing attempts, and phone call-based social engineering.

Holiday Season Cyber Threats
(Source: Retail & Hospitality ISAC)

Top 5 Ways Fraudsters Will Try to Get What They Want This Holiday Season

Here are the top five ways Visa PERC expects fraudsters will attempt to take over accounts or steal data or funds this holiday season:

  1. Phishing and Social Engineering
  2. Scam Merchants
  3. Holiday Travel Scams
  4. Malicious Holiday Apps
  5. Physical Theft

Analysis of cyber threats reported during the last holiday season shows that ransomware accounted for 26% of all reported incidents, doubling from 13% in the previous year. This increase marked the first time ransomware overtook threats like credential harvesting and phishing attacks, signaling a significant evolution in the threat landscape facing consumer businesses.

“The increase in ransomware reporting reflects a global threat trend that saw reported attacks against our member organizations spike by nearly 100% in the latter half of 2023,” said Suzie Squier, president of RH-ISAC. “As we enter the 2024 holiday season, it’s crucial for the retail and hospitality industry to stay ahead of the curve by understanding the latest trends and implementing robust security measures.”

The report also highlights insights from Visa’s Payment Ecosystem Risk and Control (PERC) team, which identified a 284% increase in fake and spoofed merchant websites in the four months leading up to the holiday season. Additionally, employment scams saw a staggering 545% increase during the previous holiday season.

Read more about cybersecurity and business continuity issues from Continuity Insights.

Business Continuity, Cyber, Featured, Technology

Cyber Threats, Cybersecurity, Holiday Season, Holiday Season Cyber Threat Trends, Hospitality, Payment Ecosystem Risk and Control, ransomware, Retail, Retail & Hospitality Information Sharing and Analysis Center, Scattered Spider, security, , VISA

Sponsored Content
Featured Video

Webinars, Podcasts & Videos

Business Continuity Webinar

Did You Miss Our Latest Business Continuity Webinar?

It's not too late! You can still watch the “Business Continuity Exercise Planning and Facilitation Techniques To Start Now” video webinar.

facility resilience webinar

From Prevention To Action: The Role Of Facilities Management In Handling Emergencies And Maintenance

This free webinar on facility resilience will provide actionable strategies to safeguard assets, protect lives, and ensure operational continuity.

adaptive decision-making

Listen Now: Decision-Making During A Crisis

Robert C. Chandler, Ph.D, Founder and Principal of Emperiria discusses his research on adaptive decision-making in this podcast.

Receive the latest articles in your inbox

Share to...