E-commerce grows and scams and inc ...

E-commerce grows and scams and inc …

December 9, 2020

A few months after the quarantines were decreed in the different countries, the rapid growth of Internet traffic was observed, and therefore of e-commerce. Although some businesses and ventures were already prepared for electronic commerce, it took others halfway through and had to be started by force and without having sufficient knowledge about security aspects, increasing the risk of scams.

E-commerce grows and scams and security incidents increaseE-commerce grows and scams and security incidents increase

According to data from a survey conducted by ESET, a company specializing in proactive threat detection, over the past month, 72% of users believed that businesses were not ready to transition to digital platforms and 83% believed that the rush Needing to adapt to online sales was accompanied by a greater risk to the safety of users. Likewise, 76% of those surveyed consider that the leakage of customer personal data is the main danger that users face when making online purchases.

According to ESET data, cybercriminals were also attentive to this phenomenon and through strategies such as the use of fake ads on social platforms, phishing campaigns, fake profiles on e-commerce platforms or web skimming attacks, cybercriminals seek to steal money, credit card details, passwords or other personal information. On the other hand, the scenario was open to the use of alternative technologies, such as the use of WhatsApp or social networks to buy and sell. “Given this scenario, it is important that users are vigilant and learn to recognize a scam on the Internet and take note of these tips to make safe online purchases. For their part, companies and online stores should also be vigilant, especially on special dates such as Black Friday. ”, Warns Camilo Gutiérrez Amaya, Head of the Research Laboratory at ESET Latin America.

According to data from the survey conducted by ESET, 74% of users believe small businesses are a target of interest to cybercriminals and 79% believe that the information that cybercriminals can obtain from small businesses is valuable. Online stores created through different platforms or content managers, have been victims of attacks known as web skimming. In July, for example, a global web skimming campaign became known that compromised more than 550 online stores to steal card data, many of which were from Latin American countries and also from Spain. In addition, in September another web skimming attack was known that affected more than 2,800 online stores. “It is important that companies that have the service of a shopping cart on their site have their systems updated and that they analyze the security measures they implement to avoid being victims of an attack of this type,” adds Gutiérrez.

Another type of deception observed is related to the use of the QR code as a payment method. According to data from the ESET survey, 35% of users feel safe using the QR code scanning system, while 44% consider that it can be easily tampered with.

ESET makes the following recommendations to avoid being a victim of this type of incident:
  • First, if the platform where the purchase will be made is unknown, verify that it is a legitimate site. For this you can check their social networks and read comments from other users who have purchased. Also check that the comments are from real users and not from fake profiles. You can also check in the Whois directory who registered the domain; especially that the registrant information appears visible. For this, the name of who the web certificate is issued must be checked, it can also be their social networks.
  • Be suspicious of offers that are too good, such as prices that are too low compared to what they offer in other stores. The same with the offers that arrive through alternative channels, such as WhatsApp.
  • Beware of fake ads on social media. Verify that the site to which you are directed is legitimate. When in doubt, manually enter the site address in the address bar and avoid entering through links in advertisements.
  • If a purchase is made on a known platform, avoid continuing the operation or sending personal information outside the platform, since it will be without the support they offer in cases of fraud or claims.
  • In the case of buying on a known platform, check the reputation of the buyer and seller. If you want to sell, verify the data of the person who buys before delivering the receipt.
  • In case of paying with a QR code, make sure that it is legitimate and be wary if they send the code by an alternative means or through a suspicious email account.
  • Use strong and unique passwords, avoiding using passwords that have already been used to access other accounts or online services. Also use a two-step authentication method on all platforms that allow it.
  • Use a reliable security solution on the devices. If you are a company, verify that the plugins and platform used run to the latest version.

To learn more about computer security, go to the ESET news portal

[+] Videos de nuestro canal de YouTube