Practicing Safe Online Transactions in E-commerce

Laura BednarCybersecurity and Vulnerabilities

Ecommerce Security and Protection

Purchasing goods over the internet is not a new concept. Recent statistics from show that there are over 2 billion digital buyers worldwide in 2019 alone. The most common items purchased are clothing, electronics, vitamins, and pet supplies, and not just from one vendor. The majority of consumers begin their purchasing journey on Amazon and are highly influenced by social media commerce suggestions.

Contact Us Now

In 2018, online shopping conducted through smartphones accounted for close to $117 billion. It is not only mobile devices that are susceptible to e-commerce crime and consumers need to protect themselves. There will be over 300 million U.S. online shoppers in 2023.

With online purchases continuously on the rise, the likelihood of criminals stealing a shopper’s payment information increases through e-Skimming. Any e-commerce business that accepts payments on their website is at risk of an e-Skimming attack.

This type of cybercrime involves the skimming of code on e-commerce payment card processing web pages. The criminals capture credit card numbers and other personally identifiable information and send it to their own domain for use. As a part of National Cybersecurity Awareness Month, we have gathered information on how to be cyber smart in e-commerce.

Risks in Retail

Cybercriminals can skim codes off of web pages in a multitude of ways. It can be something as basic as exploiting a vulnerability in the e-commerce platform or gaining access to a victim’s network through a phishing email. Online criminals are intelligent and can also skim payment card pages through:

  • Compromising third party entities by including skimming code in the Java Script that was loaded by a third party on the victim website
  • Cross-site scripting, which redirects customers to a malicious domain where the code grabs their information from the checkout page

Commerce practices in all industries are at risk including those in retail, entertainment, and travel. The data they collect can be sold on the dark web or can be used to make fraudulent purchases.

Protect Your Purchases

Security basics come down to a few guidelines: privacy, integrity, and follow-through. First of all, consumers should keep the transaction private by ensuring that your personal information isn’t accessible to anyone other than the merchant. The minimum requirements for a site include encryption and a firewall. Secondly, the integrity of the data must remain intact. The company may not tamper with the personal information that was entered. Finally, both parties must feel a sense of follow-through with the purchase. There needs to be a sense of completion that the purchase order was received.

Individuals and businesses alike can accomplish these privacy initiatives during the commerce process through some of the following:

  • Keeping anti-virus software updated
  • Monitoring and analyzing web logs
  • Implementing code integrity checks
  • Perform regular updates to payment software

Bouncing Back from a Bum Bargain

If you are the victim of e-commerce skimming or other online purchasing fraud, change pertinent credentials, save a copy of the skimming script to report to the authorities, and try to identify the source of the skimming code to determine an access point.

Our Secure Forensics team is full of experienced examiners who can investigate data breaches, instances of fraud, and other forensic services on all types of devices. Digital forensics is a growing need to reduce and deal with cybercrime. After retrieving the files and personal data from an affected device, our examiners will boil down the technical language into an easy-to-read court-admissible document. Learn more about our services by calling 1-800-288-1407.