7. Mobile app hacks
Hackers target vulnerabilities in a retailer’s mobile app to gain control of it and potentially access confidential business or customer information.
Financial/operational impact
- Compliance penalties for loss of customer information
- Financial losses to repair
mobile app
Customer experience impact
- Customer data exposure
- Poor shopping experience
6. Gift card hacks
Perpetrators tamper with gift cards or use bots to crack the combinations, and use them to make purchases.
Financial/operational impact
- Financial loss
- Reputational damage
Customer experience impact
- Customer data exposure
- Poor shopping experience
Customer experience impact
- Customer data exposure
- Poor shopping experience due to ensuing security measures
Financial/operational impact
- Financial loss
- Business and IT disruption
Cybercriminals impersonate a retailer, customer, or supplier and email phishing links to employees and customers to steal money or implant malware. This is especially common during the holiday shopping season.
5. Phishing/spoofing attacks
Customer experience impact
- Exposed banking information/theft
- Customer mistrust
Financial/operational impact
- Reputation damage
- Business and IT disruption
Perpetrators use point of sale (POS) machines to copy customers’ debit or credit cards. Malware or fraudulent POS machines may be used.
4. POS skimming
Financial/operational impact
- Financial loss
- Reputation damage
Customer experience impact
- Customer data exposure
- Poor shopping experience if in-store systems are affected
Fraud or cybersecurity breaches occur with vendors who provide operational/digital services, which then compromise a retailer’s systems. In some cases, phony vendors target retailers.
3. Third-party vendors
Customer experience impact
- Inaccurate inventory
- Customer data exposure
- Negative branding/ consumer mistrust
Financial/operational impact
- Network/system exposure
- Business/product information breach
2. IoT devices/retail hardware
Hackers gain access to connected retail hardware (order shipment trackers, inventory management software, etc.) to infiltrate a retailer’s system.
Customer experience impact
- Inaccurate inventory
- Potential stock-outs
Perpetrators create a fake receipt, claim ordered goods never arrived, or use a stolen credit card for an online purchase — then request a refund or exchange.
Financial/operational impact
- Financial loss
- Loss of goods
- Lost staff time
1. Online refund fraud
150M users were affected after the breach of a U.S. retailer’s mobile app in 2018.4
30% of phishing emails get opened.3
$81 is the average cost per compromised record of a data breach in Canada.2
150M users were affected after the breach of a U.S. retailer’s mobile app in 2018.4
7. Mobile app hacks
Hackers target vulnerabilities in a retailer’s mobile app to gain control of it and potentially access confidential business or customer information.
Financial/operational impact
- Compliance penalties for loss of customer information
- Financial losses to repair
mobile app
Customer experience impact
- Customer data exposure
- Poor shopping experience
6. Gift card hacks
Perpetrators tamper with gift cards or use bots to crack the combinations, and use them to make purchases.
Financial/operational impact
- Financial loss
- Reputational damage
Customer experience impact
- Customer data exposure
- Poor shopping experience
30% of phishing emails get opened.3
Customer experience impact
- Customer data exposure
- Poor shopping experience due to ensuing security measures
Financial/operational impact
- Financial loss
- Business and IT disruption
Cybercriminals impersonate a retailer, customer, or supplier and email phishing links to employees and customers to steal money or implant malware. This is especially common during the holiday shopping season.
5. Phishing/spoofing attacks
$81 is the average cost per compromised record of a data breach in Canada.2
Customer experience impact
- Exposed banking information/theft
- Customer mistrust
Financial/operational impact
- Reputation damage
- Business and IT disruption
Perpetrators use point of sale (POS) machines to copy customers’ debit or credit cards. Malware or fraudulent POS machines may be used.
4. POS skimming
Financial/operational impact
- Financial loss
- Reputation damage
Customer experience impact
- Customer data exposure
- Poor shopping experience if in-store systems are affected
Fraud or cybersecurity breaches occur with vendors who provide operational/digital services, which then compromise a retailer’s systems. In some cases, phony vendors target retailers.
3. Third-party vendors
Customer experience impact
- Inaccurate inventory
- Customer data exposure
- Negative branding/ consumer mistrust
Financial/operational impact
- Network/system exposure
- Business/product information breach
2. IoT devices/retail hardware
Hackers gain access to connected retail hardware (order shipment trackers, inventory management software, etc.) to infiltrate a retailer’s system.
Customer experience impact
- Inaccurate inventory
- Potential stock-outs
Perpetrators create a fake receipt, claim ordered goods never arrived, or use a stolen credit card for an online purchase — then request a refund or exchange.
Financial/operational impact
- Financial loss
- Loss of goods
- Lost staff time