Australian retailers are heading into the holiday season with elevated cyber risk as new national scam data reveals a sharp rise in online shopping fraud and a growing financial impact on consumers and small businesses.

According to the Australian Cyber Security Centre’s Annual Cyber Threat Report 2024 to 2025, about 85,000 cyber incidents were reported across Australia. While this represents a slight decline on the previous period, the average loss for small businesses has risen to more than 56,000 dollars per incident, an increase of 14 per cent. With cybercrime now reported every six minutes, the retail sector remains one of the most exposed due to high transaction volumes, large stores of customer data, and complex digital payment channels that must operate reliably under pressure.

Ben Le Huray (pictured), Solutions Architect Team Leader at Ingram Micro Australia, said the same conditions that drive record sales during the holiday season create an ideal opportunity for cybercriminals.

“The festive season encourages rapid decision making from customers who want to secure limited time bargains. It also places pressure on retail teams who manage increased order volumes, high in store traffic, promotional campaigns, and accelerated delivery timelines. Cybercriminals understand this environment and design scams that imitate genuine retail activity,” Le Huray said.

“International events demonstrate what is at stake when a cyber incident strikes during peak retail activity. IKEA suffered a significant cyber attack during the 2024 Black Friday period that forced multiple operations into manual mode and resulted in millions of dollars in lost sales and remediation costs. The incident affected point of sale transactions, staff access, and product availability at precisely the time when customer demand was at its highest.

“The automotive sector has recently shown how severe the consequences can become when an attack disrupts global operations. Jaguar Land Rover experienced a major cyber incident that required the British Government to provide a guarantee of one point five billion pounds to stabilise operations and support recovery. This event highlights the scale of risk that modern supply chains carry and shows how a single breach can produce significant financial and operational impact.”

Le Huray says events like these underline the importance of preparation, visibility, and resilience for Australian retailers heading into the festive shopping season.

Retailers increasingly face risk from their own digital infrastructure. Misconfigured APIs between ecommerce and fulfilment systems, unpatched plugins, and third-party payment integrations create entry points that attackers exploit during peak load periods. These vulnerabilities can produce downtime, delayed fulfilment, payment failures, and dissatisfied customers.

Le Huray said retailers are seeking more assurance ahead of this year’s sales event.

“Across our partner network, we have seen sustained growth in demand for independent validation. Retailers want assurance that systems are configured correctly and that vulnerabilities have been addressed before high volume periods begin. Independent assessments, including penetration testing and configuration reviews, provide a neutral view of risk and help retailers identify weaknesses in ecommerce platforms, point of sale infrastructure, payment gateways, and cloud environments,” he said.

Training central to cyber resilience

“Training is one of the most effective controls available to retailers. It helps staff understand the types of scams that emerge during retail events and equips them to identify suspicious behaviour. Training improves awareness of phishing, fraudulent refund requests, supplier impersonation attempts, and social engineering tactics that target frontline workers who operate under time pressure,” Le Huray said.

Automation is another growing focus for retail IT teams, particularly as staff capacity tightens during the holiday season.

“We regularly see automation used by partners to support consistency, reduce oversight, and give staff time to focus on tasks that require interpretation and decision making. During the festive season, when pressure on systems is highest, automation ensures that essential checks continue to run and that issues can be addressed before they affect customers,” he said.

Retailers are also seeking flexible external support as peak trading periods intensify.

“At Ingram Micro, we are seeing growing demand for capacity on demand, which refers to the ability for an organisation to access extra resources when needed. In the case of retailers and service providers, this allows them to engage cyber engineers by the half day or through targeted project work,” Le Huray said.

With trading activity continuing to rise across Australia during the coming season, Le Huray said proactive preparation remains the strongest defence.

“Retailers that prepare early and empower their teams are better positioned to manage rising threats and stronger demand. With the right preparation, Australian retailers can enter the holiday shopping season with confidence,” Le Huray ended.