Monday, 30 November 2020 14:31

Top security tips for online shoppers

0
Shares
By Mathew Gomizel, Radware

GUEST OPINION by Mathew Gomizel, Radware:  With the year’s biggest shopping season just around the corner, consumers are preparing to take advantage of enticing discounts and offers from a range of e-commerce websites and applications.

Naturally, this is also the peak time for fraudsters and cyber criminals who try to trick shoppers with fake deals, hack into their accounts to steal gift cards, reward points and discount codes, and extract personally-identifiable information (PII) that they can further abuse.

Shoppers should follow the following tips to guard against being cheated and defrauded when shopping online. 

  1. Shop at reputed sites and avoid lookalike sites with similar URLs and appearance

Scammers often develop fly-by-night sites that use names and URLs that are very similar in their spelling to the names of well-known sites to trick shoppers.

  1. Use authorised shopping apps from Apple’s App Store and Google’s Play Store

Fraudsters try to trick unsuspecting users with spoofed shopping apps that imitate the look and feel of popular apps. Fake apps put consumers at risk of account takeover, financial loss, and exposure of personal information. Search for and download apps only from authorised app stores and never click on links offering app downloads from unknown or suspicious sources.

  1. Watch out for deals that look too good to be true

Don’t fall for unrealistically low prices, which are likely to be bait-and-switch offers that provide byers with a product that is not exactly what you wanted and expected.

  1. Make sure the website’s address starts with 'https' and check the lock icon in a browser’s address bar

The lock icon in a browser’s address bar and the ‘https’ before the website address indicate that a connection to the website is encrypted and secure to prevent a shopper’s information from being captured in transit.

  1. Look for websites and apps that have additional security measures

Leading e-commerce websites and apps usually have bot mitigation measures to prevent access by malicious bots. Use portals that have security measures to prevent bots, such as CAPTCHA challenges, which ask visitors to identify objects in images, or decipher short strings of text, or click on a checkbox to confirm that they are human. Most leading portals use a range of specialised bot mitigation measures.

  1. Provide as little personal information as possible

Reputable e-commerce portals generally do not ask for your Social Security number or other details that are not necessary to carry out transactions (such as your mother’s maiden name and so on). Provide the bare minimum personal data and avoid websites and apps that ask for more information than practically required.

  1. Use strong and unique passwords preferably with MFA (Multi-Factor Authentication)

Use a different password for every website, and if the website or app offers it (most leading sites do) we encourage you to turn on its MFA option ─  usually found in its Security settings ─  for secure log-in and an additional layer of account protection. After that, set up an MFA app such as Google Authenticator or Authy to receive the MFA security code required every time someone logs into those sites.

  1. Regularly check your bank statements

Watch out for suspicious transactions and charges that you do not recall making, and promptly report any unauthorised transactions to your bank or payment service.

  1. Do not shop via insecure public Wifi networks, and use a VPN (Virtual Private Network) if possible

Avoid making financial transactions using public Wifi connections, as hackers and fraudsters can easily snoop on your private data using a variety of common hacking tools. A VPN provides additional security by encrypting all data being received and transmitted from a phone or PC.

  1.   Use credit cards and services like PayPal instead of debit cards

  Unlike debit cards which are directly linked to a bank account, credit cards and payment services     usually provide more protection, less personal liability, and quicker resolution of claims.

  1.   Use a virtual credit or debit card

  Instead of providing an actual credit or debit card number and CVV code, take advantage of  services such as Apple Pay, Google Pay, Venmo and others, which allow users to make payments without revealing their actual payment card number, or generate virtual card numbers that are valid only for a single transaction, and worthless to cyber criminals who use bots to try to extract payment card details and other personal information.

  1.   Be wary of very lucrative offers sent via email

  Watch out for ‘phishing’ emails that offer lucrative deals, but are meant to trick shoppers in various ways, including revealing their log-in credentials, payment card data, or other personal information that can be further abused by criminals.

Always check to ensure whether such emails are sent from authentic sources, and look out for telltale signs of fraud, such as errors in spelling and grammar, as well as website addresses that have minor variations to make them look like a reputed brand, but may have an “i” instead of an “l” or similar discrepancies. When in doubt, just go directly to the brand’s website to confirm the authenticity of such offers.

  1.   Check to see if your shopping site or app is badged as PCI-DSS compliant

PCI-DSS (Payment Card Industry Data Security Standard) compliance is mandated by leading credit card issuing networks for organisations that accept and process credit card payments and cardholder data. Shop at portals that comply with PCI-DSS for assurance of stringent security and fraud prevention measures for your payment card data.


Subscribe to ITWIRE UPDATE Newsletter here

Now’s the Time for 400G Migration

The optical fibre community is anxiously awaiting the benefits that 400G capacity per wavelength will bring to existing and future fibre optic networks.

Nearly every business wants to leverage the latest in digital offerings to remain competitive in their respective markets and to provide support for fast and ever-increasing demands for data capacity. 400G is the answer.

Initial challenges are associated with supporting such project and upgrades to fulfil the promise of higher-capacity transport.

The foundation of optical networking infrastructure includes coherent optical transceivers and digital signal processing (DSP), mux/demux, ROADM, and optical amplifiers, all of which must be able to support 400G capacity.

With today’s proprietary power-hungry and high cost transceivers and DSP, how is migration to 400G networks going to be a viable option?

PacketLight's next-generation standardised solutions may be the answer. Click below to read the full article.

CLICK HERE!

WEBINAR PROMOTION ON ITWIRE: It's all about webinars

These days our customers Advertising & Marketing campaigns are mainly focussed on webinars.

If you wish to promote a Webinar we recommend at least a 2 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://www.itwire.com/itwire-update.html and Promotional News & Editorial.

This coupled with the new capabilities 5G brings opens up huge opportunities for both network operators and enterprise organisations.

We have a Webinar Business Booster Pack and other supportive programs.

We look forward to discussing your campaign goals with you.

MORE INFO HERE!

BACK TO HOME PAGE
Published in Guest Opinion
Tagged under

Related items

More in this category: « Why improving data management is vital for the success of electronic health records
Share News tips for the iTWire Journalists? Your tip will be anonymous
back to top