The world of e-commerce has allowed businesses of all sizes to trade on a global level. But while the benefits of trading online are great, the rise of online shopping has also opened doors for hackers and identity thieves.
You have probably seen the recent news headlines urging users to change their passwords when shopping online. Big companies like Paypal and eBay have all been affected by security issues, leaving customers wary and feeling less than secure when shopping online.
The bigger your business is, the more likely it will become a target. Whether you’re making money, or taking the financial information from customers, data thieves will often want some of this information for themselves.
As a result, companies need to be on a constant guard and lookout for trouble online. To this end, here is a quick look through some important scams and potential defenses. Not only will these help you stay safe, you can use them to actively reassure your customer base and let everyone know you’re not an easy target.
Phishing
A major scam across the world right now is phishing. This is where criminals assume another identity, such as a business, and obtain private information. Often, this involves clicking on links and inputting the information under the belief it is a legitimate website. The real estate industry is a perfect example. Given how many thousands of dollars go into purchasing a new home, it would be a disaster if this money was taken by someone masquerading as an estate agent online.
To illustrate the importance of this point, a recent report by the RSA found phishing has been increasing year on year and, when it came to countries in the Asia-Pacific or APAC region, Australia was only behind India in the number of phishing attacks last year.
Encryption certificates
One way to negate the risk of phishing is to ensure secure lines of communications. SSL or Secure Sockets Layer, refers to encrypting data to and from your website. This protocol automatically ensures nobody else can understand the data, since they won’t have the required key, and can tell when such information has been edited or mishandled. There are many ssl certificates free online, although investing in the likes of extended validation will ensure you have the best security in place.
This will achieve a number of things. First of all, having the right certificates will let customers know when they are and are not dealing with you. Given the nature of phishing scams, the websites they send customers to will not have the same certificates. Similarly, ensuring customer information doesn’t get out in the first place will reduce the possibility of your customers being targeted.
Keep updated
While unfortunately, phishing might always be problematic, there are measures you can put into place to protect you and your customers. By keeping up-to-date on all the latest security measures you can ensure that your business and your reputation stay as secure as possible. Stay abreast of the news headlines and ensure you’re doing all you can to thwart off any possible attacks. Invest in all of the latest protection software downloads and make sure your customers are regularly changing passwords. By being proactive you can ensure that your customers and your business remain secure.
[Suggested reading: Several IT Security & Networking Tips for Small Businesses]
More than anything, i think businesses should embark on serious end user education and awareness campaigns. The user in most cases is the weakest link in phishing attacks, educating the user and creating general awareness on security issues should somewhat help improve the situation.
Users are the first and main victims of phishing attempts. Companies actually lose businesses when their users are victimized, so part of the onus is indeed on the companies to educate users to protect themselves. Awareness campaigns may cost a little, but it beats losing massive profits in a single phishing outbreak.
I am still amazed at how gullible people are when it comes to their online data. I got my inbox bombarded with emails telling me to change my passwords, sent by websites like ebay, amazon or even pinterest. I did so immediately and even got a stronger password but most people I know didn’t because they think it’s too much of a hassle and the threat is not real. People have to be informed about what phishing is and what they risk if they treat their security so trivially.
No matter how secure a system is, it’s ultimately up to the end users not to fall prey. Scammers play on peoples’ emotions, thus trick them into giving out their information. You always have to check the genuity of any site whenever your personal data is involved.
I always make sure not to click on any unfamiliar links but many of the newest ones look very real. I have received some emails from ebay asking me to reset my password and I know that only one of them was a real request. I deleted the emails and logged into my ebay account through the site which I trust.
Phishing is one crime that irks me beyond belief. Not that we aren’t all able to falling foul of this crime, I can’t help but think that it is the vulnerable among us who are more likely to be hit.
The Grandparent struggling to come to terms with using the internet or people with learning difficulties. This to me is a low blow and it angers me.