As the madness of the holiday season dies down and the New Year gains pace, retailers will renew the cycle of offering new attractions to entice shoppers into parting with their hard-earned cash in exchange for physical and digital goodies.
From New Year’s Eve to Valentine’s Day, there is no lack of opportunities for shoppers to indulge in shopping mania. And now, a large number of users are moving to the online world, where they can window-shop and buy goods from within the comfort of their homes, avoiding the hassle of chaotic crowds.
And it’s not just the convenience of it all that is boosting online shopping trends, but also the seemingly-endless financial crises that has been driving shoppers to search for that special bargain price. However, as internet shopping becomes more popular, so does the risk of cyber-criminals targeting online shoppers with new types of scams and malware designed to entice and trick them into handing over their currency in the digital space.
Old tricks in new forms
With users becoming more tech-savvy, attackers are quickly revising and launching new types of cyber frauds designed to exploit online shoppers and steal information like credit card numbers and internet banking passwords.
A classic example of this type of trickery was the recent iPhone 4S scam. Attackers tried to fool shoppers who were in search of bargain prices for the popular device, by creating fake eBay pages offering killer discounts for the smartphone. A virtual replica of the eBay checkout page would request users to enter personal information and then redirect them to a confirmation page informing them that they would receive further information via e-mail, which is definitely not your typical eBay practice. This phishing fraud was an attempt to cash in on the huge demand for the ‘’it’’ device, which understandably peaked during the holiday season.
A similar technique called ‘’SEO poisoning’’ predicts and poisons search engine results to re-direct users to malicious websites that drop malware onto users’ browsers. This type of attack is commonly used in tandem with a popular event, person or product to increase the chances of it succeeding.
Mobile mayhem
Mobile shopping is quickly becoming a reality, with studies showing that nearly half of all web-enabled smartphone owners use these devices for shopping and purchasing goods online. On the flip side, lack of awareness about smartphones security makes these devices prime targets for cyber criminals. And why not? Not only do mobile phones contain large amounts of sensitive information, many users also indulge in online shopping from wireless hotpots and public areas, making session hijacking very easy.
Mobile applications are another area where users make transactions via credit cards without being completely aware of the security or the underlying infrastructure of that application. Case in point: malicious applications that were recently placed on the Android Marketplace.
Conclusion
No matter how secure online services become, the fact remains that hackers will always find a way to get around security controls. Either by hacking an unsafe e-commerce server or by duping a naïve customer, they will always go after the easy targets. Customers should educate themselves on the latest types of fraud trends and sign up for security awareness newsletters to stay updated. Also, those addicted to mobile applications should ensure that they only use those apps which are from trusted developers, rather than downloading every new app they see on the marketplace. While it offers huge conveniences, the risks in internet shopping are very real and customers can no longer afford to feel safe just because they see a padlock next to their address bar when doing online transactions.