How Your Customer’s User Journey Influences Cyber Resilience

There are potential cyber threats lurking at each point of a customer’s journey and companies need to be made well aware of what these are in order to take the necessary steps to secure their business and protect their customers. Surprisingly, 96% of security leaders in a recent survey have stated that the digital customer experience is a priority for their organization. Of these, 44% say the increase in frequency and sophistication of fraudsters is the primary driving force to improve security within their digital channel.

Dan Pitman, Principal Security Architect at Alert Logic, emphasizes, “It doesn’t matter how large or small the company, cyber attacks have become so sophisticated and are increasingly automated that no business is immune.”

Crucially, businesses with an omnichannel presence have an obligation to protect three primary assets; their customer information, their brand and employees. As more businesses move towards online market spaces and utilize social media for eCommerce purposes, it’s important for them to understand the factors affecting consumer decisions.

CyberInt’s Co-Founder, Itay Yanovski says, “These experiential elements depend on IoT and other technologies that use open wireless networks — a big security issue since these devices could expose vulnerable attack points, in addition to today’s emerging cyber threats and expanding attack vectors. Retail security executives have their jobs cut out for them.”

Most shoppers, a whopping 87%, say social media influences their purchasing decisions. It’s equally important for businesses to understand the threats against customer data; 64% of all compromised data is payment data (e.g., credit card details), and 16% of all breaches specifically target customer data.

In our previous blog, we discussed three steps organizations should take to create a secure customer experience model. This blog will focus on the various vulnerabilities at each point in the customer journey.

Protecting The Three Assets

Company assets are divided into three main categories. Each of these assets have data, infrastructure or logical properties that need to be protected.

1. Customers

When it comes to protecting customers, the data they provide is highly valued and targeted by cyber criminals. Information such as Personally Identifying Information (PII) and payment data obviously need to be protected, but other information related to the customer journey including credentials, shopping preferences, and club member details are important too.

2. Employees

Employees have login credentials, VPN access, and emails that are valuable accounts that can be leveraged by attackers. Employees’ access to payment information and discount benefits is also a source of abuse. Endpoint devices that employees use to perform their job need protection too, such as mobile devices, laptops, and desktops.

3. Brand Elements

Protecting the brand includes many facets. Establishing customer trust is an important component of successful brand management and should be actively pursued and maintained. Branding, such as proprietary merchandise, images, and videos need to be protected from misuse. Physical locations such as stores and distribution centers, and IT infrastructure, online platforms, and software applications need to be secured. Business processes are also vulnerable to compromise; refunds, shipping, pricing, and other processes and policies can be exploited by loopholes.

The Customer Journey

Stepping through the customer journey, we can see how these different assets can be exploited by attackers. The following expands on each access point and the associated threats.

Goods and Services Discovery

To kick off the journey, customers often find goods and services through marketing campaigns and merchandise displays. Threat actors can exploit these marketing assets by employing Google ad hijacks, botnets, and taking over abandoned subdomains.

Successful attacks can result in the exposure of customer PII, spamming customers with fraudulent emails, and brand abuse from copycat websites.

Customer Login

At the point of login, businesses have enabled the omnichannel experience, thereby offering customers multiple avenues to make a purchase. While this increases sales it also increases the attack surface. There’s the potential for phishing scams against customers that can result in account takeover. If a customer logs into a copycat channel, there’s a risk of brand abuse as well.


When placing an order, the order management process may check for real-time stock availability among other processes. During this order process, there’s a potential for sensitive data leaks and cart/bag abuse. If the process contains any loopholes or flaws in the configuration, there is a risk of fraudulent orders and artificial out of stock schemes.

The Shopping Cart

During the checkout process, attackers can insert payment card skimmers via Javascript injection. Attackers may also attempt carding or credit card stuffing. These attacks can result in elevated chargebacks, and payment data loss.

Check Out & Delivery

The checkout and order processing segment of the shopping journey is one of the most vulnerable to attacks. This is where customers are inputting their personal information and payment information. In addition, a lot of cloud applications are involved to process credit card transactions and update supply chains. This exchange of sensitive data along with connections to third party services and suppliers creates multiple avenues ripe for an attack. Once a purchase has been made, the warehouse management process begins. The human factor now comes into play. Dishonest employees can be a source of data leaks and internal breaches.

Customer Service

The process of merchandise returns and refunds is a popular target for fraud. The dark web is ripe with refund scams for sale, either as a service or detailed instructions on how to work the scam.

Taking Action Against Cyber Threats

Organizations should assess their current levels of cyber resilience, and implement threat-centric detection and response tools. Brand protection and fraud protection can be accomplished with a continuous analysis of an organization’s social media accounts, hashtags, websites, brands, domains, and other digital assets and profiles. Alerts of any potential risks can initiate remedial action in the form of takedowns and additional investigations.

The customer experience is critical to success, but the customer, employees, and the brand need to be protected for continued growth. It’s important to breakdown the customer journey into each of the steps to ensure every phase of the journey is secured. Taking these proactive steps can prevent data breaches and bring mitigation of incidents from months to hours.

Uncover your compromised credentials from the deep and dark web

Fill in your business email to start