Combat Cyberattacks this Holiday Season

Iris® Powered by Generali, provider of a proprietary identity and cyber protection platform, recently released the findings of its sixth annual Holiday Shopping ID Theft survey. The annual survey polls consumers on their holiday shopping habits and the cybersecurity and identity theft concerns they have surrounding their shopping plans.

Loyalty360 CEO Mark Johnson met with Eugenia Blackstone, Chief Marketing Officer at Iris® Powered by Generali, to discuss the key findings of the survey and how brands can work to combat cyberattacks and fraud.

Recently, Iris launched its 6th annual Holiday Identify Theft survey. Can you give us a little background on the survey, report, and when/how it was conducted?
Blackstone: We are keenly aware of the cyber and identity theft/fraud risks consumers face, particularly during the holiday shopping season, so we wanted to shed some light on consumer habits and concerns  with our annual holiday shopping identity theft survey. The survey results also allow us the opportunity to help educate consumers and businesses alike on what they can do to reduce their risks.

To ensure that it’s not all doom and gloom, we like to include some general holiday shopping findings (e.g., how much consumers plan to spend, how many stores they plan to shop at, etc.). Each year, we partner with a research company to conduct the online survey – we ran this year’s study between October 10-12, 2022. Our ebook is a visual presentation of the findings.  

The report focuses on a number of holiday trends – from spending to shopping habits, and more. Were there any trends that stood out to you as most surprising or interesting from the survey?
Blackstone: Yes. It was interesting to see that men and Millennials were the most likely to spend over $1,000 this holiday season. Over nine in 10 Americans (92%) say they will spend money during the 2022 holiday season, similar to all previous years dating back to 2017. However, this year, two in three (67%) plan to spend $1,000 or less, with 40% stating they’ll spend less than $500 and 27% expecting to spend between $500 and $1,000. Three in 10 men (30%) plan to spend more than $1,000, which is significantly higher than the 21% of women who say the same. Two in five Millennials (39%) plan to spend over $1,000, considerably higher than all other generations [Gen Z (24%); Gen X (25%); and Baby Boomers (16%)]. 
You’ve conducted similar studies in the past. How have the results compared from last year’s report? How do they compare to the height of Covid?
Blackstone: While not surprising, especially post-COVID, a large majority (85%) of consumers plan to do their holiday shopping online in at least one of the following ways:

  • Using a desktop, laptop, or tablet (58%)
  • Using a cell phone or mobile device (53%)
  • Ordering online but picking up in a brick-and-mortar store (16%)
In addition, 17% say they will shop through a store-specific app. While less prevalent than online shopping, 55% of consumers indicate they will holiday shop in a brick-and-mortar store. Though the online shopping levels are equivalent to 2020 and 2021 (both 86%), intentions to shop in a brick-and-mortar store are highly comparable to 2021 (57%) after a significant rise from 2020 (48%). 

Is there a key stat or finding that you think is most important for marketers to keep top of mind this holiday season, and beyond?
Blackstone: Two actually… First, if a retailer has experienced a data breach in the past, most Americans (82%) say it will impact their willingness to do business with them in the future. Second, nearly two in three respondents (65%) would feel more safe/secure doing business with a retailer if offered identity protection services – Millennials (72%) in particular.

These findings tell me that it’s essential for companies to understand that their customers expect them to safeguard their data; if they don’t, they may opt to do business with a company that does. Additionally, if a business is looking for a way to differentiate its services from its competitors, especially if it is targeted to Millennials, proactively offering identity protection services may be a great way to create brand loyalty.

Are there any industries that are deemed more or less trustworthy by consumers? Does the attitude change based on size of the retailer (local business v national chain)?
Blackstone: One in three Americans (33%) trust e-retailers (e.g., Amazon) the most with their personal data this holiday shopping season, but nearly as many (29%) consider big box stores (e.g., Walmart, Costco, etc.) the most trustworthy. Local small businesses (18%) rank third in trustworthiness, followed by department stores (11%). Only 5% trust social media platforms the most with their personal data this holiday shopping season. 
Among generations, Gen X (21%) and Baby Boomers (20%) are more inclined than Millennials (14%) to consider local small businesses the most deserving of their trust. The reverse is true of department stores, with Millennials (15%) roughly twice as likely as Gen X and Baby Boomers (8% respectively) to view them as most trustworthy. Additionally, Gen Z (9%) and Millennials (7%) are more inclined than Gen X (4%) and particularly Baby Boomers (1%) to trust social media platforms the most with their personal data.
What surprised you the most about consumers’ views on cybercrime and fraud? Are there any trends among demographics such as age or gender?
Blackstone: We are always concerned that Americans are getting breach fatigue and, as a result, are less mindful and concerned about data breaches. So, it was a bit surprising to see that seven in 10 Americans (71%) express concern about their financial or personal information being compromised due to a data breach while shopping this holiday season. This concern represents an increase over 2019 (67%), 2020 (66%), and 2021 (67%). Men (81%) are more inclined than women (75%) to perceive a data breach of any kind as a threat. Additionally, Baby Boomers (52%), Gen X (55%), and Millennials (48%) view a data breach of an online merchant specifically, as a threat far more than Gen Z (37%).

Not as surprising as much interesting was that identity theft ranked second to inflation (higher than global conflict, by the way) as a top concern this holiday season.

For brands that have experienced data breaches, what can they do to win back the trust of their consumers? Is it ever too late?
Blackstone: It’s always a lot easier to lose trust than to gain it, so it likely won’t be easy, but yes, it’s very possible. Similar to any other relationship where trust is lost, transparency and communication will be key. Brands that have experienced a data breach will fair better if they are quick to communicate as much as they possibly can about the breach and what they doing to ensure they’re reducing every potential risk of it happening again.

I completely understand why a brand would want to simply put a breach behind them and not bring any additional attention to it, but their customers have long memories. If the focus is on what they are doing from now on and it’s more than just window dressing, consumers can be very forgiving – especially if the product/service is of good quality.

Proactive actions like offering comprehensive identity protection – not just temporary credit monitoring post-breach – and weaving identity theft/fraud education information into their normal content can be particularly helpful. Generally, if the brand is committed to keeping its customers’ data safe, talking about it will only build trust, not further erode it.  

How can consumers protect themselves from cyber fraud during the holiday shopping season? How much of that responsibility should be placed on the retailer?
Blackstone: Diligence with the best practices will be essential for consumers this holiday season. For instance, consumers should:
  • Avoid using public, unsecured Wi-Fi when making purchases or accessing financial accounts
  • Use unique, strong passwords for all online accounts and IoT devices
  • Keep a close eye on their financial statements
  • Be mindful of their surroundings when using smartphones in public or crowded spaces
Taking these measures will all go a long way in reducing their risks.

Retailers will play a huge role as well. Even the most diligent shopper can’t stop a point-of-sale attack/data breach of a merchant’s systems. So, first and foremost, retailers must ensure that they have robust tools and practices to keep hackers out. However, there are other actions they can take to help reduce their customers’ risk of cyber fraud this holiday season. Those actions can range from posting placards or floor signage where customers wait in line at a brick-and-mortar store educating them about shoulder surfing to e-retailers including tips on phising or reminders to change their password in order confirmation emails.

Recent Content

Membership and Pricing

Videos and podcasts

Membership and Pricing