Retail therapy is the act of shopping with the primary purpose to improve the buyer’s mood. This form of “therapy” is practiced among many consumers, with more than half of Americans admitting to making a purchase as a way to lift their spirits. As therapeutic as shopping can be, it also raises fear among many consumers – especially around the holiday season. With websites, including eCommerce sites, experiencing 22 attacks per day on average, shoppers have good reason to be concerned.
Tag: ecommerce (Page 1 of 2)
With the holidays quickly approaching and online shopping expected to hit record highs, it’s the perfect time to make sure your customers, and your bottom line, aren’t at risk. In fact, shipping experts like FedEx, are predicting another record-breaking year of shipments driven by eCommerce purchases.
With the push for holiday shopping about to begin, we conducted a survey to take a closer look at trends in online shopping and how that relates to what we’re passionate about: protecting websites and their users.
Festive decorations adorn storefronts and holiday music fills every shop; a reminder that the holiday season is upon us. It is a busy time of the year, full of parties, reunions with family and friends and plenty of shopping.
According to the National Retail Federation, 2016’s holiday sales are expected to increase 3.6 percent over last year to 655.8 billion dollars. Shoppers are estimated to spend an average of $935.58 on gifts, food, décor, cards, and personal purchases.
That means a lot of time spent in stores and online looking for just the right gift, decoration, or meal for the season. It is also a prime time for a crime, especially if you’re shopping online.
Tony Spiridigliozzi is the founder of the successful eCommerce website Airspeed-Wireless.com. The website features security, wireless, switching products, IP cameras and VoIP phones. Its mission is to offer quality Cisco and Meraki products at low prices with exceptional customer service. Airspeed-Wireless.com has been recognized for its success and earned the Small and Midsize Business Specialization from Cisco and Certified Meraki Network Associate designation.
Identity theft is the fastest growing crime in the history of America, and businesses are not immune. There were more than 16 million victims of identity theft in the U.S. just last year, which works out to more than one new victim every three seconds. To put that in perspective, that means there were more victims of identity theft last year than there were reported murders, attempted murders, burglaries, attempted burglaries, arsons, vehicle thefts, purse snatchings, pick pocketings, shoplifting, and check fraud combined. With so many crimes and criminals in circulation, don’t make the mistake of assuming that it will never come creeping into your business. Identity theft in a business can take a number of different forms:
- You personally can fall victim, especially if you run a small business, mix business and personal finances, or keep personal information on business computers.
- Hackers, insiders, and others can steal employee and customer information and use that in turn to steal their identities.
- Your business could even be a victim of business identity theft, the growing problem of thieves creating fake versions of real businesses to commit massive fraud.
And business identity theft is such a big problem, the National Association of Secretaries of State created a task force to tackle it. It’s very easy for thieves to obtain publicly available records on your business, create fake documentation, open bank accounts, open lines of credit and obtain loans. They can also take out property leases and use those physical locations to accept orders for merchandise they order using the victim business’s identity. And often by the time a business owner ever finds out about it, the thieves are long gone and they are left to face some very awkward questions. In one case, a victim company found that an imposter company had opened an office in the very same building so they could use an almost identical address to fool banks and vendors. Here are some steps you can take to minimize the risks and spot an imposter:
- Check your state business filings every few months to make sure there aren’t any unauthorized changes – like new officers or a new legal address.
- Check your business credit report. You can do it with any of the three main credit bureaus – Experian, Equifax, and Transunion- and also with Dun and Bradstreet.
- Do regular internet searches for your company name and domain. Thieves will often register identical companies in other states, or register a similarly-spelled domain that may look like yours.
- Search for your own name and those of any other officers or executives, because thieves may be using those names to promote the cloned company.
- Protect your Employer Identification Number, or EIN, to minimize the risk thieves will get access to it.
- If your state allows it, sign up for alerts for any changes to your business filings.
Business identity theft is a growing problem and difficult to spot and stop. Constant vigilance is your business bet – like every other part of your business and website security program.
- It’s there for a reason. As the Target and many other data breaches have shown, there’s a huge underground market for stolen credit and debit card numbers. Crooks will go to great lengths to get these numbers, and the resulting breaches can be very costly. Even more important, credit card processors worry that more security and data breaches will hurt consumer confidence in using their credit and debit cards, and that’s bad for everyone.
- It’s got teeth and it’s not afraid to bite. PCI is like a guard dog that’s not afraid to turn on its master. It’s ultimately designed to protect you, and in the case of smaller firms, without much effort. But if you ignore PCI, it’s not afraid to bite. Failure to comply can mean penalties, fines, and even the inability to accept credit and debit cards.
- If you accept credit or debit cards, you can’t avoid it. One of the most common misconceptions is that PCI is only for bigger firms, only applies to businesses that process a minimum number of credit card transactions monthly, or that smaller firms are exempt. None of the above are true. If you accept credit cards, even one transaction, then you have to be PCI compliant.
- It’s like a free security plan. While any kind of regulation can seem like an unnecessary burden, PCI should be looked more as free security. The world’s top credit card processors, who between them process the majority of credit card transactions in the world each day, created a free roadmap to help you protect against card breaches. And PCI is not just about protecting credit cards. It’s ultimately about protecting your business, your reputation, customer trust, and your future. Not a bad freebie when you think about it.
- It’s not a security guarantee. The more credit card transactions you process each year, the more complicated PCI can get. The higher the number of transactions, the more rules you have to follow and the more it will cost you. Yet in spite of all the rules, being PCI compliant is no guarantee that you’ll be secure. PCI should be seen as a baseline and a minimum standard, meant to be combined with other layers of protection.
- Expect it to get tougher. With so many breaches, and so much in-depth coverage of them, it’s become apparent that even major organizations with huge investments in security and compliance have still fallen victim to security breaches. That’s led to calls to make PCI even tougher. You can expect that to happen in the next few years.
- Despite #6, it doesn’t have to be hard. For smaller firms, PCI is remarkably easy. Compliance is based around a self-assessment questionnaire. That’s right – you answer some questions and you conduct the assessment yourself. A major focus of compliance is making sure that if you accept payments through your website, your website is secure. Luckily that’s also easy. Firms like SiteLock can manage that process seamlessly and affordably.
Happy Cyber Monday! If your website has survived the Thanksgiving rush, let’s hope it doesn’t suffer from a post-Thanksgiving malware hangover. Because in the usual run up to Christmas, the only people busier than elves are hackers. And their favorite tool this year appears to be malware. What’s a website to do without trusted malware removal?
We took a look at many of the top security stories to hit the headlines in just the last couple of weeks, and it’s not surprising that most of them were about malware.
Security firm Symantec says that hackers have recently been very successful in delivering a nasty gift of malware to unsuspecting users by blasting out emails pretending to be antivirus software updates. What makes the emails so convincing, according to Symantec, is that they look very authentic and incorporate logos from most of the popular antivirus products – probably even those that you use. Because most users are likely to be familiar with the brands and use at least one of them, it makes the email appear more personal and genuine. And therefore more likely to be opened. And clicked – which is what causes the most damage.
Security firm Trusteer also announced that it discovered some of the most advanced financial malware yet, malware that not only has more features than any previous malware, but also creates a private and secure communications channel back to the hackers behind it. According to Trusteer, the malware can steal information entered into web forms as well as steal log-in credentials from dozens of the most popular FTP clients.
And this is especially dangerous to small businesses in the U.S. If this malware is able to steal the login and password for your business bank account, it will very quickly empty that account. And small business accounts are not protected by zero liability. So if the thieves steal every last dime you have in the bank account, you’re out of luck. And maybe even out of business.
To add to the misery, Trend Micro also reported that it discovered more than 200,000 different types of malware targeted at online banking in just the third quarter of this year, with at least 25% of them targeted at U.S. banks.
One of the most dangerous pieces of malware in circulation right now is Cryptolocker. This is ransomware. Once it infects your computer, it will encrypt or lock your files and then demand a ransom to unlock them so you can use them again. The ransom can vary, from $300 to more than $3,000. And even if you pay the ransom, chances are you still won’t get your data back. And thousands of users have fallen victim. Even one police department admitted that Cryptolocker had managed to kidnap their data.
And not to be left out, researchers have discovered that even the NSA has turned to malware to do their job, infecting at least 50,000 with a botnet that will allow them to spy on those computers.
So if website malware scanning and defense is not on your Holiday to-do list, it might be a good time to update that list. After all, it’s supposed to be the season of cheer.
Every day is an important day for business, and especially for security. While most shoppers sleep, hackers never do, and it only takes one day or one vulnerability to mess a whole lot of things up for your online business.
As Thanksgiving weekend approaches, your customers may be gearing up to make some big purchases. And how safe and secure they feel about your website could determine how much of their hard-earned cash will end up in your pocket.
Data has always been a currency for crooks but, now more than ever, personal data has become a hot commodity for everyone from petty identity thieves to major organized crime. And one of the easiest ways to get this kind of information is from websites just like yours.
There is a copious amount of evidence to support the notion that concerns over security, privacy, and trust stifle ecommerce, and continue to keep large numbers of consumers from shopping online as much as they’d like to.
The impact is felt even more by small businesses who constantly struggle to persuade consumers that their websites are a safe place to shop and surf. The customer might not always be right, but at least on this call, they are. Most small business websites, just like most small businesses, are inherently insecure. Consumers sense this, and it has become a barrier to trust.