SMBs urged to update software ahead of Black Friday
NCSC identified 4,151 online shops compromised using vulnerability within e-commerce platform Magento


Small and medium-sized businesses (SMBs) are being urged to update their software ahead of Black Friday and Cyber Monday to avoid financial and reputational damage.
The warning comes after the National Cyber Security Centre (NCSC) identified 4,151 online shops that had been compromised using a vulnerability within the e-commerce platform Magento. With 250,000 clients, the Adobe subsidiary is the third-largest e-commerce system globally, after WooCommerce and Shopify.
NCSC alerted the affected retailers of the vulnerability in late September, with Magento issuing a security patch on 12 October.
All online businesses are being urged to update their software, as the mass shift to e-commerce since the start of the pandemic has caused more customers to shop online than ever before, increasing their risk of falling victim to online scams.
Hence, the NCSC has issued guidance on running a secure website and avoiding threats including skimming, which has been described as “a threat to all retailers” by British Retail Consortium assistant director Graham Wynn.
The trade association has urged “all retailers to follow the NCSC’s advice and check their preparedness for any cyber issues that could arise during the busy end of year period”.
RELATED RESOURCE
NCSC deputy director for Economy and Society, Sarah Lyons, said that the agency wants “small and medium-sized online retailers to know how to prevent their sites being exploited by opportunistic cyber criminals over the peak shopping period”.
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
“Falling victim to cyber crime could leave you and your customers out of pocket and cause reputational damage. It’s important to keep websites as secure as possible and I would urge all business owners to follow our guidance and make sure their software is up to date,” she added.
Last year, Check Point’s security researchers observed a sharp increase in the number of phishing exploits in the run-up to Black Friday and Cyber Monday, with phishing emails having increased by over 13 times in early November 2020. In December 2020, RiskIQ security researchers discovered around 37,000 fake retail websites set up to scam holiday shoppers, with 208 domain infringement events containing only “Black Friday,” “Cyber Monday,” “Boxing Day,” or “Christmas”.
Having only graduated from City University in 2019, Sabina has already demonstrated her abilities as a keen writer and effective journalist. Currently a content writer for Drapers, Sabina spent a number of years writing for ITPro, specialising in networking and telecommunications, as well as charting the efforts of technology companies to improve their inclusion and diversity strategies, a topic close to her heart.
Sabina has also held a number of editorial roles at Harper's Bazaar, Cube Collective, and HighClouds.
-
M&S suspends online sales as 'cyber incident' continues
News Marks & Spencer (M&S) has informed customers that all online and app sales have been suspended as the high street retailer battles a ‘cyber incident’.
By Ross Kelly
-
Manners cost nothing, unless you’re using ChatGPT
Opinion Polite users are costing OpenAI millions of dollars each year – but Ps and Qs are a small dent in what ChatGPT could cost the planet
By Ross Kelly
-
How IBM and Adobe craft personalization at scale
Whitepaper Combining the content supply chain, CX orchestration, and intelligent commerce for ideal personalization
By ITPro
-
Preparing for peak: How customers purchased during peak
whitepaper The online shopping trends that shaped the parcel delivery experience during the busiest time of the 2022 calendar
By ITPro
-
What does the Data Protection and Digital Information (DPDI) Bill mean for small businesses?
In-depth Everything SMBs need to know as soon-to-be-updated data protection regulations make compliance easier and reduce costs
By Kate O'Flaherty
-
The Total Economic Impact™ of IBM iX digital commerce services
Whitepaper Delivering strategic growth with experience-led commerce solutions
By ITPro
-
"It's still not great": Industry divided on government's SMB tax relief package
News The government’s handling of R&D tax credits has left SMBs with a “sense of disbelief”
By Ross Kelly
-
UK startups dread Tech Nation loss as end of the road nears
In-depth Tech Nation’s tireless championing of the UK tech industry has left founders in the lurch as Barclays Eagle Labs steps in to take the reigns
By Ross Kelly
-
Technology Ecosystem benchmark report
Whitepaper The evolution of the IT industry
By ITPro
-
An end-to-end roadmap for SMB cloud migration
Whitepaper Future-proofing transformation
By ITPro