Catastrophic events, like a pandemic, coupled with hasty technological change such as many people forced to work from home immediately, have been a rich environment in the past for phishers, who use deception to infect machines with malware, steal credentials, and invade corporate networks. However, malicious actors achieved only a marginal increase in success in 2020, according to a recent report.

Cyberattacks are increasing in frequency, ramping up the data privacy threats they pose to government agencies and businesses alike. Governments both domestic and foreign need to step up efforts to pass legislation that bolsters technological defenses this year, warn privacy groups. Stiffer privacy laws are gradually being reviewed and signed into the U.S. market. But that process is mostly taking place at the state level.

It should be prime time for shopping, but the pandemic has forced many consumers to tighten their purse strings. To help consumers -- and give e-tailers a heads up about better security -- the E-Commerce Times discussed holiday shopping issues with a panel of cybersecurity experts. They offered advice on how consumers can avoid buying counterfeit products; and analyses of how fake goods affect the broader retail market.

Healthcare records were digitized to help prevent medical errors such as misdiagnoses and mistakes with medication, but electronic health records have made it easier for bad actors to steal patients' highly personal information. Cybercriminals are further motivated by the fact that patient medical records are worth up to 10 times more than credit card numbers on the Dark Web.

To deliver exceptional customer experiences at-scale, retailers need to have their finger on the pulse of changing consumer expectations. Modern consumers expect checkout to be seamless and safe, no matter the digital channel or their geographic location. Let's look at best practices that retailers are using to revamp their checkout experience.

Users of video conference tools should be aware of the growing risk of impersonation attacks. Cybercriminals are capitalizing on the exponential increase of users turning to Zoom and other platforms to collaborate across work and friend networks. Researchers have identified attacks stemming from Australia, Germany, the U.S. and elsewhere.

Online bandits are decreasing their schemes against businesses but increasing COVID-19 scams aimed at consumers, according to a report released Tuesday by TransUnion. Suspected fraudulent digital transactions against businesses worldwide dropped nine percent from the lockdown phase of the pandemic to the reopening phase.

After crashing in 2019, Dark Web markets for stolen credentials rebounded during the first half of 2020, largely due to major shifts in consumer behavior caused by the global pandemic. Hacked accounts for delivery services and physical fitness brands are some of the highest priced items on the market, according to a recent report.

As consumers get more acquainted with shopping and banking digitally, it seems logical that more people would be inclined to pay their bills online. A recent survey of more than 3,000 adult consumers shows that nearly 70 percent prefer digital payment options, such as website and mobile app channels, to pay their one-time bills.

Google's Nest line of smart home products will be combined with ADT's security services in a partnership announced Monday by the two companies. As part of the agreement, Google will invest US$450 million into ADT to acquire a 6.6 percent interest in the security and smart home solutions provider. The deal gives Google access to an important channel for its smart home products.

The move by retailers to online and mobile selling to survive the pandemic has resulted in a significant increase in digital fraud activity. The "2020 True Cost of Fraud Study: E-commerce/Retail Edition" by LexisNexis Risk Solutions found this to be partly because some fraud control systems are outdated, and partly because of increased transaction volume.

If you conducted e-commerce transactions since the pandemic struck, you have probably been the target, or even a victim, of online fraud. A report from Sift titled "Q2 2020 Digital Trust & Safety Index" details a 109 percent increase in content abuse and growth of the fraud economy from January through May 2020.

Twitter on Tuesday notified business clients that their personal information, including email addresses, phone numbers, and the last four digits of their credit card numbers may have been compromised. Self-serve advertisers that viewed billing information on ads.twitter.com or analytics.twitter.com were affected. The issue occurred prior to May 20, 2020. However, Twitter only notified customers about it on June 23.

Category 2 adversaries are nothing to sneeze at, but their resources are finite. If you armor up enough, they will give up, and move onto an easier comparable target. In confronting the threat of category 3, everything you have learned ratchets up to a whole new level of paranoia. Category 3 adversaries have functionally unlimited resources for pursuing top targets.

Outdated or abandoned open source components are persistent in practically all commercial software, putting enterprise and consumer applications at risk from security issues, license compliance violations, and operational threats, concludes the Synopsys 2020 Open Source Security and Risk Analysis Report. The report highlights trends and patterns in open source usage within commercial applications.

A Dutch researcher has revealed a novel way to crack into a PC through a Thunderbolt port. The method, dubbed "Thunderspy" by researcher Björn Ruytenberg, sidesteps the login screen of a sleeping computer, as well as its hard disk encryption, to access all its data. "Thunderspy is stealth, meaning that you cannot find any traces of the attack. It does not require your involvement," he explained.

Like conventional criminals, criminal hackers choose easy, lucrative targets. One group in the crosshairs is made up of companies that have data on millions of users, such as private sector entities with a Web presence. Why go after one user at a time when data is collected in one place? Criminal hackers also like to hunt small organizations that have modest capital but weak information security.

More than any other factor, it is our asset that determines our adversary. For most of us, our asset is the corpus of sensitive personal details used for online transactions. This all comes down to how much data an adversary can glean from you, and how thoroughly it can analyze it. If your data passes through some software or hardware, its developer or maintainer enjoys some measure of control.

At this point, remarking that people now are more concerned about online privacy than ever before is not a novel observation. What's fascinating, though, is that interest in personal digital security has remained high since the issue exploded about seven years ago. In other words, instead of experiencing a short-lived spike, digital privacy awareness has been sustained. This is encouraging.

Zoom's paying customers will be able to choose the region they want to use for their virtual meetings. Paying customers will be able to opt in or out of a specific data center region, although they won't be able to change their default, which for most customers is the United States. Zoom has data centers in the U.S., Canada, Europe, India, Australia, China, Latin America, and Japan/Hong Kong.

Some states defaulted to mail-in ballots some time ago, and their elections are unconstrained by the pandemic. However, in many parts of the U.S. the prevailing attitude is that the Web lacks enough security for elections. That seems odd, given that we now use the Internet to manage our finances, our healthcare, our businesses, our travel -- and now our shopping, including for food.

Life as we knew it before the coronavirus is gone forever, and many changes will manifest in the pandemic's aftermath. How will it impact privacy laws around the globe? No one knows for sure, and we will not know until after the coronavirus is behind us. Cybercriminals long have been taking advantage of the Internet, and now the spread of COVID-19 has sped up their evil work.

Under ordinary circumstances, the average consumer can order a latte on the way to the coffee shop, book a last-minute trip to the coast, and come home to find groceries delivered -- all with the click of a button. What makes these transactions so smooth and effortless? It starts with account creation. Consumers increasingly are willing to create accounts with sites they interact with regularly.

Microsoft and partners have disrupted the Necurs botnet group blamed for infecting more than 9 million computers globally. There are 11 botnets under the Necurs umbrella, all apparently controlled by a single group, according to Valter Santos, security researcher at Bitsight, which worked with Microsoft on the takedown. Four of those botnets account for about 95 percent of all infections.

If you're an online retailer, congratulations are in order. Online holiday sales grew 18.8 percent in 2019 compared with 2018, according to Mastercard. Armed with new systems and processes -- as well as lessons from the past -- etailers were able to fulfill more orders than in previous years. E-commerce business leaders are already thinking ahead to the 2020 holiday season.

2019 was a milestone year for many in the payments industry, with contactless payments making up more than 50 percent of debit card transactions, and the good news doesn't end there. The consumer drive for seamless experiences is continuing to push the industry toward new innovations that will change the face of payments. So, what will 2020 hold for e-commerce and m-commerce?

We're only two months into a new year and already hundreds of millions of personal records have been compromised, including 123 million records from sporting retailer Decathlon and another 10.6 million records from MGM Resorts hotels. These announcements followed fuel and convenience chain Wawa's revelation that it was the victim of a nine-month-long breach of its payment card systems.

Firefox users in the United States are getting an extra measure of privacy protection starting this week, the Mozilla Foundation announced. Firefox Desktop Product Development Vice President Selena Deckelmann heralded the rollout of encrypted DNS over HTTPS, or DoH, by default in Mozilla's browser. The DNS, or Domain Name System, is one of the oldest parts of the Internet.

Eclypsium has released research that identifies and confirms unsigned firmware in WiFi adapters, USB hubs, trackpads and cameras used in Windows and Linux computer and server products from Lenovo, Dell, HP and other major manufacturers. Eclypsium also demonstrated a successful attack on a server via a network interface card with unsigned firmware used by each of the big three server manufacturers.

Ransomware hit at least 966 U.S. government agencies, educational establishments and healthcare providers in 2019, at a cost possibly exceeding $7.5 billion. The victims included 113 state and municipal governments and agencies; 764 healthcare providers; and 89 universities, colleges and school districts. Operations at up to 1,233 individual schools potentially were affected.