VIENNA, VA (November 19, 2024) – The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) released its annual Holiday Season Cyber Threat Trends report, revealing that fraud and ransomware are expected to plague the threat landscape facing retailers, hospitality, and travel businesses during their busiest season.
The report predicts that social engineering, ransomware, and activity from the Scattered Spider threat actor will be primary threats to retail and hospitality organizations during the 2024 holiday season. Additionally, the report notes that social engineering attacks have increased in sophistication this year, and companies are reporting an increase in imposter websites, product-focused phishing attempts, and phone call-based social engineering.
Analysis of cyber threats reported during the last holiday season shows that ransomware accounted for 26% of all reported incidents, doubling from 13% in the previous year. This increase marked the first time ransomware overtook threats like credential harvesting and phishing attacks, signaling a significant evolution in the threat landscape facing consumer businesses.
“The increase in ransomware reporting reflects a global threat trend that saw reported attacks against our member organizations spike by nearly 100% in the latter half of 2023,” said Suzie Squier, president of RH-ISAC. “As we enter the 2024 holiday season, it’s crucial for the retail and hospitality industry to stay ahead of the curve by understanding the latest trends and implementing robust security measures.”
The report also highlights insights from Visa’s Payment Ecosystem Risk and Control (PERC) team, which identified a 284% increase in fake and spoofed merchant websites in the four months leading up to the holiday season. Additionally, employment scams saw a staggering 545% increase during the previous holiday season.
###
Media Contacts
Annie Chambliss
RH-ISAC Marketing & Communications
[email protected]
About RH-ISAC
The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) is the trusted community for sharing sector-specific cybersecurity information and intelligence. The RH-ISAC connects information security teams at the strategic, operational, and tactical levels to work together on issues and challenges, to share practices and insights, and to benchmark among each other – all with the goal of building better security for consumer-facing industries through collaboration. RH-ISAC serves businesses including retailers, restaurants, hotels, gaming casinos, food retailers, consumer products, and other consumer-facing companies. For more information, visit www.rhisac.org.