There are plenty of things that retailers should consider when designing a secure online shopping experience, we've written about that before: Preparing for Black Friday.
Retail fraud in the UK is rising, primarily in the form of cyber crime, hacking and theft of customer details. 59% of retailers say that the level of fraudulent transactions at their organisation has increased since last year.
Mobile payment and electronic marketing methods, as well as shopping through apps and across various IT platforms, has provided significant opportunities for cyber criminals to slip through the 'cracks' using stolen credentials or even physical card skimmers on payment terminals.
One of the reasons that retail cyber crime is so damaging is because it has two sets of victims: the business itself, in terms of lost revenue or damaged reputation, and its customers, whose data is a valuable target for hackers.
Here are a few signs that a website might be compromised, as well as what to look for when shopping online, so you can have confidence that your data is secure.
1. Choose carefully where you shop.
You probably know by now to look for the green padlock icon in the address bar of a website, particularly once you reach the payment pages. However, did you know that the padlock is not a guarantee of security? The padlock means that web traffic going to and from the website is encrypted, but even hackers can build sites using this 'secure' certificate.
In addition to looking for the padlock, double-check to be sure that the website you're on is authentic, especially if you've never used it before. Consider using a more secure payment method, like a major credit card, which often has insurance cover for online purchases.
2. How much information do they want?
Consider making your purchase without creating a new account on every website. Checking out as a 'guest' usually means that you will be providing fewer personal details for the retailer to retain. Only fill out the mandatory details, which are usually marked with an asterisk*. This is also an important way to minimise the number of accounts you have online, which we often use weak or repeated passwords for.
3. Don't forget your device software updates!
Software updates on your device are crucial, as they often include repairs for common bugs that hackers can exploit. You should also consider waiting to make your purchase until you are connected to a private, rather than public, WiFi network, or use a VPN when browsing or shopping on public Wi-Fi.
4. Do they offer two factor authentication (2FA) at the very least?
If you do need to create an account to proceed on a website, do they offer 2FA to protect your account? Not only should you create strong, unique passwords for each new account, but make use of 2FA, which will send a unique, one-time code to a second device before you can log-in to your account. What's even better is multi-factor authentication. Although it seems rare on e-commerce sites, this is an excellent way of ensuring that your personal information and financial information is completely secure.
5. Play it safe
If you are suspicious, don't be afraid to search online and see if other people have similar concerns about a particular website or company. Type web addresses directly into your browser rather than follow links or click-throughs.
6. Be wary of emails
This follows on from point 5. Sadly, hackers quite often target customers or soon-to-be customers with emails asking them to confirm their financial details. Look for emails that contain poor grammar, dodgey email addresses and that aren't personalised to you. They often have strange subjects too that create a sense of urgency to get you to overlook the rest of the email and click on links. If you're unsure, get in touch with the retailer directly via their website (do NOT click on any of the links in the suspicious email).
For many organisations, hardware firewalls are difficult to maintain. FWaaS gives all employees access to the same number of resources on several types of devices, hence, scalability is easier no matter the size of your organisation.
The path to Zero Trust as an ideology is vague, so ZTNA provides a clear, defined framework for organisations to follow. Read our latest blog to see how ZTNA better protects your business.