Cases of cyberattacks and fraud are on the rise in relation to e-commerce transactions. This means it is critical that eager shoppers and businesses alike take the necessary steps to protect themselves. Online shopping scams involve scammers pretending to be legitimate online sellers, either with a fake website or a fake ad on a genuine retailer site.
An example of the risks has been seen with the recent Amazon Prime Day, where a range of scams were orientated at shoppers, including phishing emails.
Looking at the matter for Digital Journal is Will LaSala, Director Security Solutions at Onespan.
According to LaSala his mission is to “Urge everyone to move to multi-factor authentication wherever possible to protect you when shopping online.”
There is a reason why he recommends this. LaSala says: “In the recent news, we have seen approximately 25 billion user credentials leaked to hackers around the world. These leaked credentials make it much easier for hackers to steal user accounts – with a list of previously used passwords, cybercriminals can simply try each of those against your account. If you reuse a password, chances are that password is on this list.”
Looking at the U.K. as an example, LaSala highlights the extent of recent attacks: “In addition to moving away from static passwords, phishing and social engineering attacks have dramatically increased with over 36 million Brits targeted by scammers this year alone, according to Citizens Advice.”
There are things that can be done and LaSala describes some best practices: “Where hackers lurk, precautions must be put in place, and there are steps we can all take to stay safe when we look for that great new deal. Start by never giving away your sensitive information.”
With care around information, LaSala cautions: “Banks, credit card companies, and e-commerce sites will never ask you for your full password in customer communications. In addition, never fill out your card details on a website with a URL that you don’t recognise. Man in the middle attacks (or MITM), where hackers steal personal data by making near perfect copies of legitimate websites with their own domains, are on the rise. It is crucial that consumers always double check the web address before attempting to make a purchase.”
There are also risks abound with new technology. LaSala discusses some examples: “Mobile devices have brought all our private accounts and data into a single, convenient location — making them the perfect target for a hacker. Everything from online banking and e-wallets to email and social media is linked into your mobile device. This means that, once a criminal gets access to your phone, all your apps are open doors for cybertheft. Only download verified mobile apps from the official Apple App Store or Google Play store. Downloading mobile apps from unofficial channels opens the door to fall victim to attacks—one wrong click can lead to all your personal information being leaked.
LaSala’s final advice to readers is: “Finally, business must ensure that apps are sufficiently shielded and protected from these unwanted hacks.”