• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Industry News   »   Cybercrime   »   How can you be a safe online shopper?

How can you be a safe online shopper?

  • Posted on:July 13, 2015
  • Posted in:Cybercrime, Industry News, Vulnerabilities & Exploits
  • Posted by:
    Noah Gamer
0
Online shopping carries risks if you don't do it securely.

The e-commerce market is booming, and in the midst of it, one thing is clear: Nobody’s going to stop shopping online anytime soon. It’s easy to do, you can be anywhere to do it and you’re not boxed in by the walls of a particular store. Shopping for new clothes but getting sidetracked by your home improvement needs? Simply open up another browser and launch a separate, simultaneous product search. Shopping has never been more efficient.

However, it’s never been more dangerous, either. For the online consumer, using the Internet to find merchandise is filled with nearly as many risks as possibilities. That’s because there are innumerable hackers out there who are looking for vulnerabilities to exploit. While the hacks that get the most media attention are the ones that have big targets at the center – the Sony hack or the Target breach will undoubtedly come to the minds of many – it’s not the typical cyber criminal’s m.o. to aim high. Instead of looking for the most visible and formidable victim, they’re hunting out the easiest, most vulnerable prey. In the world of online computing, the web shopper sits near the top of this list.

For all intents and purposes, the typical online shopper is also the typical computing user. And as far as that goes, the average shopper using a computer can be summed up as someone who:

  • Uses the same weak password frequently: The typical consumer seemingly isn’t too worried about having secure passwords – or using unique ones across different accounts. A recent report uncovered that close to 75 percent of consumers leverage repeat passwords. And it’s not only that people use the same passwords across accounts – it’s that they never change them either, Entrepreneur reported. The same survey found that many of those polled admitted their passwords were five years older or more.
  • Doesn’t hesitate too much before giving out personal data: An email arrives with a sale special for your favorite department store, and all you have to do is tell them your address and birth date? Sure, why not! I mean, it’s not like they’re asking me for my credit card number, right? Many online shoppers are naive as to just how easily hackers can launch an identity theft operation. When it comes to the data a hacker needs to compromise your online identity, it’s not limited to highly private stuff like credit card numbers – they can also certainly make use of other, seemingly less valuable identifying details like your date of birth and address. And with an abundance of phishing schemes out there, it’s becoming increasingly common for consumers to receive supposedly corporate correspondence that has all the appearance of legitimacy but is, in fact, a scheme to get him or her to divulge personal information.

Unfortunately, safe cyber practice simply hasn’t become the norm among the general population. While those working in the tech industry likely apply the tools of their trade to their personal computing, most people out there lack the rudimentary cyber skills to know what places them in harm’s way.

Defensive behaviors online shoppers should employ
Cyber criminals target general consumers because they’re among the easiest targets. Therefore, the best way to get around this is simple: Make yourself a harder target. When computing users turn defensive, they immediately become harder for hackers to compromise. Here are some basic steps online consumers can take to boost their level of e-commerce security:

  • Two-factor authentication: If you’re the typical online shopper, odds are you have a bunch of online accounts with different retailers. And, for the sake of convenience, you probably have your credit card data stored within these accounts. Given that, you’ll want to make sure that nobody gets access to your account. But if all that’s separating an imposter from your enterprise account is a username and password, then it would merely take a breach of the specific business’ network to potentially compromise your private password data.As a customer, you don’t want to have to rely on all the different e-commerce websites you use to maintain the security of your account. By doing this, you’re immediately putting a big dent in your personal security. After all, how many hacks have we read about where corporations get a file containing patron passwords hacked? To us, it’s not a risk worth taking, which is why two-factor authentication (2FA) should come into play. What 2FA does is add an additional security wall to your online account – one that requires verification that only you can provide (like, for instance, a special code that’s only sent to your authorized tablet).

    People who enable 2FA not only experience a greater degree of security, but feel the difference too, with 86 percent of people who adopt 2FA reporting a bigger sense of security. It’s important to feel secure online, and it’s something that eight out of 10 computing users are actively concerned about. Two-factor authentication provides users with the ability to channel that anxiety into a productive solution. As a shopper, it’s important to see if the various e-commerce platforms you frequent offer 2FA. Some of those answers – as well as instructions on how to roll out 2FA for specific sites – can be found here. Others may require a bit of searching. But if there’s an online retailer you use that definitely doesn’t offer 2FA, perhaps think twice about storing your credit card data with them.

  • Antivirus software: There’s only so much that you, as a single online shopper, can do to protect yourself in a cyber sphere that’s crowded with threats. But fortunately, the task of virtual security isn’t something you need to do on your own. By deploying a solid antivirus software solution, you can benefit from a security partner that provides you with a constant eye on suspicious activity. When it comes to deciding on an antivirus package, though, not all offerings are created equal, which is why it’s important to ensure that the software has these features:
    • Password management and encryption: Robust antivirus software works with you to maintain password security by providing you with the management and encryption tools to guarantee that you’ll never use a weak or repeat password again.
    • Dangerous website blocking: Many online attacks these days only require that you land on a contaminated page for malware to be triggered. Therefore, your antivirus solution needs to be one that detects and eliminates dangerous or compromised sites before you land on them. Otherwise, it could be too late.
    • Social media protection: These days, our social media accounts form the basis of our online identity – and as such, they’re one of the first places cyber criminals will look when they’re honing in on a potential victim. A solid antivirus offering will provide tools that identify the privacy settings on your various social media platforms so that you’re not doing anything that could be needlessly putting your online identity at risk.
  • Generally more discerning computing: There’s another resource that every online consumer should deploy, and it’s absolutely free: good judgment. If an email lands in your inbox promising a deal at a store you love, did it really come from the store? If it’s asking you to immediately submit information about yourself (“But you have to submit now to claim the deal!”), that should be an immediate trigger that something’s not right. When it comes to email correspondence from stores you shop at, it’s best to operate in the spirit of constant skepticism.

​​With so many people getting breached, it can start to seem like attack is inevitable, but it’s not. For consumers, staying safe while enjoying the benefits of online shopping simply means taking a few proactive steps toward better security, and just generally being more attuned to the need to keep your identity secure online.

Related posts:

  1. How to Stay Safe Online this Cyber Monday
  2. Top Ten Tips for Safe Online Banking
  3. Is online banking safe?
  4. Tooling Up to Stay Safe Online!

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • Advanced Cloud-Native Container Security Added to Trend Micro's Cloud One Services Platform
  • Trend Micro Goes Global to Find Entrepreneurs Set to Unlock the Smart Connected World
  • Winners of Trend Micro Global Capture the Flag Demonstrate Excellence in Cybersecurity
  • Companies Leveraging AWS Well-Architected Reviews Now Benefit from Security Innovations from Trend Micro
  • Trend Micro Announces World's First Cloud-Native File Storage Security
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.