Cyber Security

TrendKart

Online Retailer
Industry: E-commerce | Monthly Users: 1.5M | Annual Revenue: $80M+

The Challenge:
TrendKart was growing rapidly, but that growth came with increased attention from cybercriminals. The company faced frequent phishing attacks impersonating its brand, along with customer complaints about potential data leaks. Its checkout process also had high abandonment rates, especially on mobile, likely due to security concerns.

Assessment Approach:
A multi-pronged cybersecurity review was launched to cover:

  • Phishing simulation and spoof domain analysis

  • Email security check for SPF, DKIM, and DMARC implementation

  • Web application penetration testing with focus on checkout and login flows

  • User experience (UX) security audit for visual trust elements

Key Findings:

  • Email servers lacked proper authentication protocols, allowing spoofed emails

  • Checkout page had no visual security indicators (SSL padlock, trust badges)

  • Weak password rules allowed easy-to-guess credentials

  • Login and payment systems lacked rate-limiting protections

Remediation Steps:

  • Implemented SPF/DKIM/DMARC records and partnered with anti-phishing monitoring services

  • Redesigned checkout flow to include trust elements like Norton Secured badge and PCI compliance logo

  • Introduced password strength meter and two-factor authentication

  • Added rate-limiting and CAPTCHA to payment and login endpoints

Outcome & Results:
✔ 60% decrease in phishing reports from customers within 3 months
✔ 22% improvement in cart completion rates
✔ Strengthened brand trust and reduced chargebacks
✔ Boosted mobile conversion through UX-focused security
