Even since the early days of the internet people have seen the potential of being able to make purchases for just about anything from the comfort of their own homes. Online shopping means that you do not have to deal with traffic, crowds, or even having to transport your purchases. However, despite the benefits of online shopping, it carries its fair share of risks. Just as with any virtual service, online shopping is often targeted by hackers who want to steal personal data and money. Although these risks exist that does not mean that you should never do any shopping online, as long as you keep safety in mind and follow good practices then the risks can be greatly mitigated. There are three primary methods that hackers use in order to steal data from online shopping transactions.
The first of these is by phishing, which is the use of fraudulent websites or emails posing as legitimate ones. Common forms of this are when a cyber-criminal makes a fraudulent website that looks just like the legitimate version of an ecommerce website, and attempts to trick the user into making a purchase through this fraudulent site thereby inadvertently giving the cyber-criminal the users data when they attempt to complete the transaction. Additionally, when a cyber-criminal creates a fraudulent email designed to look like it is coming from a legitimate source, often asking the user to follow a link to a fraudulent website to “confirm some information about a purchase the user made,” although in reality this is just an attempt to get the user to give up their information to the cyber-criminal. The best way to prevent falling victim to this sort of scam is to stay cautious and pay close attention. When performing online shopping only use reputable vendors, and always check the address bar of the site that you are shopping on to make sure that it is what it should be. Additionally, always check the sender address of any emails you receive to ensure that they are actually coming from who they say they are, and if the email asks you to follow a link hover over the link and wait for the text box to appear showing you where the link actually leads to so you can determine if you should actually click on it.
The second common method hackers use to steal data from online shopping is by using bots to look for unencrypted internet traffic. When your transactions are unencrypted all a hacker would need to do to take your information from it would be to look at and record it as it, and they can simply make a bot that can do that for them. In order to prevent that from happening you must only make online transactions on encrypted connections. You can determine if your connection to a website is encrypted by looking in the address bar of your web browser. The first part of the web address should be https, if it is instead just http then that means that your connection is not encrypted, and any information sent over it may be read by anyone who is watching it. Additionally, on the left of the address bar should be a lock icon, if that lock is closed that is also an indicator that your connection is encrypted.
3. Weak Devices
The third common method hackers use to steal data from online shopping is by targeting weaknesses on your device itself. This is the commonly thought of default type of hacker activity, attempting to infect your device with malware so that they can spy on your activity. This is countered the same way you would deal with and protect yourself from any other type of malware, by using antivirus software to monitor your device for suspicious activity and avoiding suspicious websites or downloads.
A few extra tips that can help keep you safe and mitigate potential damages is when shopping online, pay using a credit card with a low limit. Credit cards tend to have more layers of protection between payments and the money in your bank account than debit cards, and if the card you use has a low limit then that puts a cap on how much a criminal who steals it can spend with it. Additionally, you should always keep track of any purchases you make with it and compare that to your credit card statements, this makes it easier to identify suspicious charges. Finally check the settings and/or the privacy policies of any ecommerce websites or applications you use. This allows you to check and potentially change what information these websites/applications have access to on your devices.
It is the 17th annual National Cybersecurity Awareness Month and we are hosting a webinar to discuss the current cyber security climate!
This year, we will be performing a simulated 'hack' so that you can gain a better understanding of how they are executed, and how you can respond to and protect yourself from them.
Also, we will have guest speakers from Defendify and Brown & Brown Insurance! Our Defendify guest speaker will be teaching you about how to properly train your employees on cybersecurity issues and what free tools you can use to do so! Our Brown & Brown Insurance guest speaker will be discussing cyber insurance and how your company can better protect yourselves! Plus, we have some additional offers you may be interested in during the webinar!