– B Swaminathan

During a festive season, picture this: you are browsing through a major online retailer’s Diwali sale, snagging great discounts on electronics and fashion, but within days, you receive a notification that your credit card has been charged for purchases you never made. From slashed prices on electronics to enticing bundle deals, these promotions spark a surge in online traffic, with websites and apps flooded by consumers looking to grab the best bargains. Rakesh Raghuvanshi, Founder and CEO, Sekel Tech speaks more on how brands face data leaks during the Indian festival season.

Why Indian brands always are vulnerable to cyber-attacks? 

The influx of shoppers however also puts immense pressure on brands, as they scramble to handle vast amounts of user data, increasing the risk of system overloads and making it challenging to safeguard sensitive information. It also harbours a heightened risk of data leaks that can leave brands and consumers badly affected. As people rush to take advantage of festive sales and irresistible deals, they often let their guard down, creating an ideal environment for cybercriminals to exploit. This surge in online activity and a lowering of guard exposes businesses, making them particularly vulnerable to data breaches and cyberattacks.

Topping the list of factors contributing to this risk is the sheer increase in online shopping during festivals. As the number of people taking to digital platforms to shop for gifts, decorations, and other festive items, cybercriminals see a lucrative opportunity to strike. Techniques like phishing emails and fake websites to lure unsuspecting shoppers into sharing sensitive personal and financial information are the most common approach. The seemingly fantastic deals offered through these platforms often blind consumers to the risks of online fraud and data theft.

What are the mistakes that happen on the user’s side for potential attacks? 

Another challenge is that people tend to be less careful when shopping during the festive rush. The excitement of finding the perfect bargain can cause individuals to skip reading the terms and conditions of websites, inadvertently agreeing to share more personal data than they might otherwise. Cybercriminals exploit this by embedding malicious links or requesting unnecessary permissions that lead to data leaks.

The festive season also rolls company resources thin. With employees distracted by the holiday spirit, year-end workload, and personal plans, maintaining strict cybersecurity practices can slip through the cracks. This makes it easier for cybercriminals to infiltrate company networks, particularly through employees working remotely on less secure devices or networks. With more traffic during the festive season and an overwhelmed IT staff, businesses may take longer to detect and respond to threats, giving hackers a wider window to make use of.

Can you please explain about the new holiday-themed attacks?

Cybercriminals are additionally also using social engineering techniques and taking advantage of holiday-themed phishing scams. These scams often involve fake discount offers, holiday greetings, or urgent notices designed to look authentic. Clicking on these links can lead to malware infections, putting both consumers and brands at risk.

For brands, the stakes involved are particularly high. A breach in data not only results in the loss of critical customer information but also tarnishes a company’s reputation. Trust, once broken, is difficult to rebuild, and the costs associated with recovering from a data breach—including legal fees, compensation, and infrastructure repairs—can be astronomical.

How do brands need to evolve and address such potential attacks?

In such an environment, both brands and consumers must stay vigilant. Businesses must ensure their cybersecurity measures are up-to-date and robust, particularly during the festive season. Simple steps like strengthening firewalls, conducting regular security checks, and training employees to recognise potential threats can go a long way in preventing data leaks. 

Moreover, brands should consider using trusted third-party services that specialize in data protection and are compliant with the Digital Personal Data Protection (DPDP) Act to safeguard their consumers’ information. These services offer advanced security tools and protocols designed to handle the surge in online traffic without compromising data security. For consumers, being cautious of deals that seem too good to be true, avoiding sharing sensitive information on unsecured websites, and taking a moment to read through terms and conditions can help protect their personal data.

The increase in online shopping, combined with relaxed vigilance, creates the perfect storm for data breaches. By taking proactive steps, both brands and consumers can enjoy the festivities without falling prey to cybercriminals.