Black Friday and Cyber Monday make or break the year for retailers. Sales soar and carts fill, but the same things that drive growth also draw in malefactors. According to a recent analysis by Thales, every click or login is an opportunity for cybercriminals to slip unnoticed into systems full of sensitive data.

If your retail business went offline during Thanksgiving weekend, how long would it take to recover? The loss of trust and money could be devastating.

When Doubt Meets Danger

Thales saw retail traffic climb 12% between October and November last year, a wave big enough to hide almost anything. Even the sharpest monitoring systems can overlook a seemingly innocuous login.

Consumer confidence is already thin: only 5% of respondents to the Thales 2025 Digital Trust Index fully trust the retail sector. Furthermore, nearly one in five users has been informed in the last 12 months that their data has been compromised.

Cracks Widen Under Pressure: Bots and APIs

Modern e-commerce relies on complex infrastructure, loading an average of 400 resources per site, many from third parties. Thales reveals that bot attacks now account for 37% of all internet traffic, overtaking human activity for the first time.

These aren’t basic bots; they use AI to mimic human behavior and bypass rate limits. 44% of advanced bot traffic now hits APIs, exploiting business logic (like discount loops or fake account creation) and slipping through traditional defenses.

Ransomware: The Silent Threat

Ransomware remains one of the retail sector’s biggest threats. Bad actors know that downtime during these dates can ruin a retailer’s year. A successful infection can lock customer data and stop transactions, leading many companies to pay the ransom just to resume operations—a trend that has more than doubled in recent years.

Defense Strategies: Beyond the Firewall

To stand up to this landscape, Thales recommends a holistic defense posture:

  1. Data Protection: Encrypt and tokenize sensitive details (payment and loyalty info) so they are unusable in the event of theft.
  2. Application Layer Security: Monitor client-side scripts to prevent Magecart-style attacks and protect APIs with real-time behavioral analytics.
  3. Strong Identity: Deploy passwordless authentication and contextual MFA to verify legitimate users without adding friction to the shopping experience.

Black Friday is both an opportunity and a danger. Retailers that see cybersecurity as a seasonal necessity will pay the price, while those who protect identity and data year-round will build the resilience needed to survive.

Source: You can read the full article at Security Boulevard.