According to official figures by the Office for National Statistics (ONS), retail sales volumes increased by 1.4% in November, accelerating from a 0.8% increase in October.  

The figure is better than expected, with analysts having forecast that growth would remain steady at 0.8%.  

The month was boosted by non-food sales in stores, which increased by 2%. The ONS said that this was particularly boosted by the 2.9% growth in sales at clothing retailers, which saw sales surpass pre-pandemic levels for the first time. 

The ONS said sales volumes across retail were now 7.2% higher than levels seen in February 2020. 

“Retail sales picked up in November, boosted by strong Black Friday and pre-Christmas trading,” said Heather Bovill, deputy director for surveys and economic indicators at the ONS.

“Clothing stores fared particularly well and have exceeded their pre-pandemic level for the first time. Computer, toy, and jewellery retailers also reported robust sales this month.”

“With more consumers choosing to visit the high street and retail parks, the proportion of online sales continued on a downward trend, to their lowest level since March 2020,” Bovill added.

Yet last year, according to industry specialist GBG, over 18,000 fraud attempts were made against each UK retailer on average during the period between Black Friday and the January sales.

Sarah Whipp Head of Go to Market Strategy at Callsign argues that during busy periods such as Black Friday and Cyber Monday, businesses are under pressure to balance the fraud with customer experience, but they must be careful not to let the latter slip.

At the same time, banks have to foot the bill when it comes to a majority of this type of fraud, so they have a vested interest to not let their retail customers to get complacent when it comes to security.

Given the incredibly high volume of transactions over the coming weekend, and indeed the whole festive period, often merchants will accept that fraud will be higher than usual. However, they are often willing to take the hit because it will be worth it for the extra business as long as there is no long-lasting reputational damage. Indeed, the financial costs of fraud are now borne by banks as well as merchants and Black Friday fraud is a growing challenge for financial institutions.

This is set to change next year. With Secure Customer Authentication (SCA) coming in for merchants in 2021 they may be well advised to make hay now with a lower security bar. In the future they will need to make sure they have trusted merchant status and that they manage their pricing to take into account of SCA exemptions to have a premium user experience. Next year, merchants need to partner closely with issuers (banks) to manage this situation.

3D Secure could throw another spanner in the works for banks whose customers are online retailers that use it to avoid chargebacks. It can massively complicate treatment strategy as the payments are verified by the likes of Visa, Mastercard Secure Pay and Amex Safekey, therefore the liability is mainly with the card issuers and banks.

To deal with the issue, merchants should use agile IT systems to their advantage. For example, if a retailer’s system has the functionality to modify fraud appetite policy dynamically (including adding in extra fraud checks), then they may want to lower the bar initially to gain the maximum number of sales. Then, if they were to spot a high degree of fraud attempts they could ramp up prevention measures on the fly. Of course, the impact on the customer and the risk of possible reputational damage needs to be kept at front of mind at all times.

In 2018, consumers spent a record-breaking $6.22 billion while shopping on Black Friday. Similarly, Cyber Monday sales alone set a record $7.8 billion on spending. Consumer spending on holiday retail is expected to increase 4.5% to 5% this year, rising to more than $1 trillion.

Just as frequently as sales pop up around the holidays, so do global fraud attempts. With increased exposure to spam and hackers, businesses of all sizes should prepare to stay safe during the biggest shopping spree of the year. The importance of cybersecurity and protecting against malware, hackers and cyber-attacks is elevated for individuals and businesses alike during the holiday shopping season.

 The heightened risk can be attributed to increases in shopping and online traffic. This time of year, individuals receive an amplified number of emails related to shopping and online purchasing. Hackers, in turn, know individuals are more receptive to targeting than ever and will often attempt to make a person click a link for a fake deal or coupon.

Businesses are only as safe as their cybersecurity strategy is, and employees are subject to threats and can be prone to receiving illegitimate emails. Companies must properly arm their employees with the knowledge of potential risks, especially all the techniques hackers use around the holiday season. Whether it’s free offers, pop-ups or coupons, ensuring employees are aware of malicious tactics is the most important safety exercise.

Organisations should encourage employees to be cautious through company-wide emails, hosting training sessions and mentioning tips during staff meetings.

Hackers are continuously targeting businesses and trying to get employees to click on links or open attachments by creating fake addresses, names and attaching malicious documents. During November and December, employees may use their work emails and computer programs to do personal holiday shopping or gift-giving.

Hackers may also try to infiltrate a company’s website or intranet. This can happen at any time and may already be underway if the company’s website is not properly configured. While it may seem obvious, an important first step is instructing employees to use secure passwords and implement multi-factor authentication wherever possible. If insecure processes are used, hackers may be able to get malware onto machines and into the company infrastructure. Another primary business risk to be aware of is false wire transfers. With the heightened level of online transactions, it’s crucial to keenly monitor accounts payable.

The best strategy to avoid falling prone to a cyberattack is awareness among an organisation’s employees.

Cybersecurity awareness can be disseminated across a company in a number of ways. Organisations should encourage employees to be cautious through company-wide emails, hosting training sessions and mentioning tips during staff meetings. The more the message is in front of the employee, the more likely it is to be effective. Top preventative tips for employees include visiting known website addresses instead of following links from other platforms, being alert at all times and using multi-factor authentication.

Businesses can keep hackers out by encouraging employees not to click on questionable links, taking the time to pay attention to threats and having multi-factor authentication in place. Firewalls also serve as a crucial layer to cybersecurity. The more barriers a company can put up in front of hackers, the more difficult it will be to compromise a system.

The holidays are a heightened time of vulnerability for consumers and organisations alike.

Company leadership should also arm employees with reactive steps to take if they do fall victim. Employees should be aware that they need to immediately report the potential hack or questionable activity to the organisation’s IT team. The sooner the activity is reported, the better. Once reported, the IT team can investigate the matter and potentially prevent harm to the system before it occurs.

Every IT department should have an incident response plan in place in the event any data is compromised. If there is a breach, proper planning will outline the appropriate authorities to contact and resources available to help with recovery from the hack. If you don’t have an incident response plan in place, contact a financial services or cybersecurity firm with extensive experience. An external partner should be able to assist with the development of a cybersecurity plan and test the existing infrastructure for potential vulnerabilities.

Unfortunately, user error is often inevitable. For that reason, organisations should also have an effective monitoring system in place. This will provide proper controls to detect a hacker trying to get into the system. Software should include intrusion detection and prevention, properly configured firewall and advanced endpoint protection, all of which will prove vital in a time of cybersecurity need. These systems will alert the company if there are suspicious events or activities within the network.

Companies cannot rely on security software alone for monitoring. Organisations must ensure their computer systems are up-to-date and modernised through patches, which are provided by software companies when a vulnerability in the software is exposed. If software is outdated, it will provide an additional entryway for a hacker to access the network. Additional anti-virus and anti-malware programs can aid in picking up on any zero-day exploits or hacks to unpatched software.

The holidays are a heightened time of vulnerability for consumers and organisations alike. With that in mind, businesses must prioritise cybersecurity awareness and best practices. Employees must also play an active role in being mindful of their activities online—from clicking on links to opening attachments and inputting private information.

Organisations should implement cybersecurity practices year-round, with heightened awareness around the holidays. From monitoring to proper controls, each layer of security will provide additional barriers from outside threats. As holiday retail spending reaches more than $1 trillion this year, it’s high time organisations refresh and review cybersecurity training, software and crisis response plans.

Last weekend, British shoppers were predicted to have spent almost £8bn on Black Friday sales – nearly four percent higher than last year. While this busy shopping period is certainly good for the British economy, it raises concerns about the opportunities for scammers and cyber criminals. Ross Brewer, VP and MD EMEA at LogRhythm, discusses for Finance Monthly below.

Indeed, all eyes have been on who – and there will be some – will fall victim to hackers’ increasingly persistent and clever tactics. Retailers are prime targets because of the confidential data they hold – whether it’s bank details, email addresses or personal information. There’s absolutely no doubt that cyber criminals will have tried to take advantage of the past week’s online sales peaks to access networks unnoticed or execute malware that has been sitting on the network for months. Retailers have a lot to prove when it comes to showing consumers that they are taking modern-day threats seriously.

As we only saw this week with Uber, it isn’t always a breach that makes headlines, it can be how it’s contained and disclosed. In such a competitive industry, retailers rely heavily on loyalty, which means reputation is key. They need to understand the true value of the data they hold and take the necessary steps to protect it.

Monitoring and detection is key

It’s hugely important that retailers are investing in tools that continuously monitors networks for any signs of a compromise. Indeed, online activity and network communications between components in the card processing chain need to be tightly controlled; a process that is specifically mandated by PCI-DSS. With time increasingly of the essence, it is also critical that, rather than simply scanning for threats and raising an alarm if something suspicious is identified, these systems are able to deliver actionable insight with supporting forensic data and contextually rich intelligence. Not only does this ensure that the right information is delivered at the right time, to the right people, but it guarantees that the appropriate context will be attached, significantly decreasing the amount of time it takes to detect and respond to threats.

Most retailers know by now that they cannot afford to take shortcuts when it comes to cyber security. With breaches now a case of when, not if, it’s essential that they are on high alert at all times – particularly during busy shopping periods. Despite growing concerns over the cyber threat, consumers are spending more and more money in store and online each year, but retailers cannot take this for granted. It only takes one data breach to damage a company’s reputation, hinder future sales and/or disrupt pending investments and deals.

The good news is that security intelligence has become so advanced that companies can now automatically detect a compromise as soon as it happens, enabling security teams to stop a cyberattack before any damage is done. With GDPR only a matter of months away, enterprise organisations and retailers are feeling the pressure to identify, mitigate and disclose an attack at the time that it happens. Only with rapid detection and response capabilities will retailers be able to take cyberattackers head on and protect their customers.

It’s the end of another Black Friday weekend, the annual event that has transformed the retail calendar and kicks off the festive shopping season for eager shoppers the world over. Below Karen Wheeler, Country Manager and Vice-President, Affinion UK, tells Finance Monthly both traditional and challenger banks could be missing an opportunity and should take inspiration from what retailers are doing during Black Friday.

In the UK alone, £1.4bn was spent on online sales in the UK on Black Friday – an increase of 11.7% on last year, according to online retailers trade body IMRG.

Given the amount of hype and expectation, it’s not surprising to see that banks are slowly waking up to how they too can be inspired by the retail world, and capitalise on this golden window of opportunity. Starling Bank, for example, was offering customers the opportunity to earn 10 per cent cashback on their online shopping on Black Friday and Cyber Monday (up to a total of £25) if they invite one person to join the bank with a referral code.

A missed opportunity

But aside from Starling, there are few examples of other banks experimenting with Black Friday offers, incentives and deals, and I think this is a huge missed opportunity. At a key time for consumers looking for discounts and extra value, could they be doing more to find new ways to make their customers happy, and generate goodwill and loyalty that extends beyond the Christmas period?

Of course, the understandable challenge for banks is that there is less of a natural seasonal spike for them to build momentum towards. Whilst retailers can live or die depending on their performance during the critical Christmas season, banks need to offer a consistent and engaging customer experience all year round. So how can providers give their customers the ‘Black Friday feeling’ every day of the year?

1. Surprise and delight customers – What makes Black Friday a success is the sense of the anticipation and surprise that it brings. Starling’s offer is a good example of capturing the festive zeitgeist, but instead of being a one-off purchase, it’s the start of a relationship with a customer built around meeting an everyday need. For banks, the opportunity is therefore to find moments where they can offer practical, relevant solutions which help customers to manage their lives, delivered in a personalised way which makes them feel special.
2. Personalisation is crucial – With reams of data available, there is no excuse for banks to make generalisations or assumptions about their customers, particularly at a time when life milestones are more fluid than ever. Barclays is doing this right, with its Life Moments proposition that lays out key considerations for events such as going to university, buying a house or having a baby – without any reference to age groups or gender. More channels and touchpoints mean more opportunity to collate data on each customer and build a picture of their lives into a ‘segment of one’, meaning every interaction should be relevant, engaging and valued.
3. Think outside of the box – According to the British Banking Association, there were 19.6 million banking app users across the UK in 2016, with 159 logins occurring every second. This means banks have a huge opportunity to capitalise on this high frequency of interactions and ask themselves: how can we build on this, what more can we offer our customers? We know from our partnerships with some of the UK’s leading banks that in order to build long-term loyalty, it’s essential to provide solutions for other relevant parts of their lives to deepen the engagement.

It will be interesting to see if more banks trial Black Friday offers and promotions in the years to come. However, banks’ relationships with their customers aren’t only important during the last weekend in November.

This is why it’s crucial to find new ways to engage, surprise and delight customers throughout the year; both meeting and predicting their needs and becoming an increasingly important part of their lives to build long-term relationships and encourage loyalty.

LCD wide screen TV at 50% off? Don’t mind if I do. Except I’ll have to make my way through a throng of a thousand punters, get punched in my left eye half a dozen times, and likely trample a few elderly buyers on the way. Black Friday is year on year becoming more about the thrill than the financial savings. Masses of people line up for the best stores to open, and scramble in once the doors open, only to leave the weak behind.

According to official data collected this year by Quantcast, in the US alone in 2014, 23% of 133,700,000 Black Friday shoppers camped outside a store the night before, and in 2015, all in all the nation spent around $67,560,000,000 in store and $2,932,000,000 online, with an average accumulated spend of $403.35 per person. These stats go to prove why Black Friday is crucial for the economy, as around 30% of annual retail sales occur between this celebrated shopping spree and Christmas itself. This in turn means more staff are hired in the busy period; according to NRF statistics, between an estimated 640,000 and 690,000 workers in 2016.

As many take part in Black Friday’s magic race for deals, most are either behind the cashier’s desk, managing teams, counting the numbers, or on the other side of the retail coin, making the most of prices. To shed light of the kind of situations, violence and anarchy you can expect from Black Friday this year, taking place on the 24^th November, Finance Monthly has put together 10 popular videos displaying the worst moments that have taken place on Black Friday over the past decade. Some of these may completely put you off the idea of taking part in this public event, while some will prepare you for what’s to come, if you’re still daring to make the most of it.

10. Black Friday Threats

Screaming profanities and ‘squaring up’ to one another, these two shoppers are consumed by the Black Friday fury as Asda’s security staff and various members of the public keep the two from ripping each other to shreds. The passion for justice is palpable as they stare at each other with shopper’s rage. “I’ll be outside mate!”

9. Black Friday Shopper Horde

Here we see hundreds of shopping mall dwellers longing for the shop’s shutters to rise, so they can engage in the Black Friday rush they’ve been waiting for all morning. As the shutters reach but an inch off the ground, fingers curl round the bottom, some people squirm under the rail, and heads start popping through the bottom. Before you can say Black Friday, the horde of shoppers are through the gap below the shutters and racing for a find. The shutters aren’t even half way up yet, but the rules are there to be broken, right?

8. Black Friday Staff Barricade

Just over eight members of staff form a barricade dam of stopping power as they proceed to open shop on this fine Black Friday morning in 2016. As the shutters are half a meter up the doors, look who comes crawling in, their first customer of the day, along with a whole other mass of shoppers ready to dig their claws in the best bargains. As the staff themselves are pushed out of the way, and fail in their mission to barricade until open, members of the public are infiltrating their way through the employees’ legs and getting on with their hunt. The staff are clearly scared and try to shut it back down, having to stomp it to the ground. One guy quite reasonably just lifts his hands in the air and says nah forget it, not today.

Hit the Next button to see our top 7 Black Friday scraps!

[pag]