Bumper Xmas for e-tailers and scammers alike

Online shopping set to increase, but beware of phoney websites
Kerry Butters

November 28, 2011

More and more people are shopping online and this Christmas is expected to be a bumper one for online retailers, as cash-strapped Brits hunt out bargains wherever possible.

Reports predict that by 2014, online shopping will increase by 78% as consumers shop with a variety of devices on the go, including smartphones and tablets.

Of course, this means that cybercriminals will do their best to take full advantage of online shoppers and launch further attacks on new targets.

Crooks already target a lot of the information that shoppers use during online transactions, such as credit card credentials, online backing numbers and other personal data, and according to security experts Trend Micro, this is only set to increase.

Even though Google have recently taken steps to further secure online search, blackhat SEO attacks are on the increase.

Consumers searching for “hot items such as gadgets” are becoming increasingly more common as a form of attack to lead shoppers to malicious sites.

Scams are also on this up; this week saw Apple customers being targeted with an offer of $50 worth of vouchers via a malware infected email.

Of course, this would include the usual tricks such as phishing attacks which trick customers into providing login details, often for online banking, on a phoney website.

Session hijacking is also seeing an increase; this is usually due to users shopping whilst connected to an insecure network. Criminals use packet-sniffers which scan networks for specific information such as account numbers, which they will then use to impersonate the victim online and steal funds.

Trend Micro say that there are a number of simple steps that can be taken in order to avoid becoming victim to these kinds of attacks.

Shoppers should avoid searches that lead them to potentially untrusted sites and try to use brand names such as eBay and Amazon where they can.

Of course, this is not to say that they shouldn’t use sites they have never visited before, smaller online retailers often offer niche products which can’t be found elsewhere.

However, before buying, have a good look around a site. Check out the privacy policies and terms and conditions and make sure that companies have contact details that can be checked out. If you are in doubt, there’s no harm in giving a business a call to ensure they are who they say they are.

Ignore offers sent via email, unless you have specifically signed up to a company’s mailing list. Spam often contains malicious links offered through a great sounding deal.

Check the URL, phishers often try to disguise a web address by making it appear to be from a legitimate, large company. For example, an email offering a great deal from Apple may give the URL as applestore.appleoffers.com instead of store.apple.com.

A good security package will have a block list for sites known to be malicious and will include link scanners designed to protect you as you surf, it’s wise to invest in one.

Always ensure that any checkout pages are using a secure HTTPS connection, if not, don’t use them.

It’s also a good idea to avoid free Wi-Fi hotspots and insecure channels when shopping online, use a network that is secured when out of the house.

And finally, be extra vigilant at peak shopping times such as during the run up to Christmas.


Post a comment

Your email address will not be published. Required fields are marked *

Visited 2666 times, 3 so far today