Published April 28, 2020
WRITTEN BY THE KIUWAN TEAM
Experienced developers, cyber-security experts, ALM consultants, DevOps gurus and some other dangerous species.
It’s not a surprise to hear that, especially in our current state, e-commerce is booming. It is even thought that by 2040, 95% of all purchases will be done online. Although buying online has become more commonplace, many are still unaware of the dangers they might face when using online payment services.
The dangers of e-commerce
There is a wide range of security threats you should be aware of in general when acting online, in particular when it comes to online payments, which are inevitably linked to your personal finances. It seems, however, that the risks of buying online are widely underestimated.
You are twenty times more likely to fall victim to a cyber-criminal than be mugged on the street, but statistics show that we greatly overestimate the likelihood of being robbed compared to the likelihood of falling victim to a cybercrime. While only 0.3% of people who worry about being robbed in their homes have actually been robbed, CSEW statistics maintain that 1% of all adults in the UK (both worriers and non-worriers) were victims of fraud and computer misuse offenses in 2016.
Identity theft especially is on the rise, thanks partly to social media, where many willingly share with others private details of their own lives. Formjacking was also up by 117% in 2018, allowing cybercriminals to hijack credit card data from online payment forms, leading to credit card fraud.
Thankfully there are things you can do to safeguard yourself and your finances from cybercriminals. Let’s have a look at the next 8 tips to keep safe when buying online.
How to buy online in a safe and secure way
1. Research the website and seller
Shop on websites from shops or sellers that you trust, or where you have shopped at before, both physically and virtually. Some businesses may be fabricated online by people who just want your credit card information. Also, do some research about the seller: do they have bad reviews online? Do they interact with a social media following?
2. Be wary of phishing and fake websites
As mentioned before, some cybercriminals create fake websites to lure you into giving away your credit card information or personal information. That is also being done via phishing emails and calls, which lead you to those fake websites.
Some may even create websites to impersonate well-known online shops, like Amazon, eBay, and so on. If the offers on the website or in the email look too good to be true, if the language the email is written in seems suspicious, or if the logos are slightly odd, these are all telltale signs that the website is bogus. One good thing to do in this case is to contact the company they are trying to impersonate and report it.
3. Check if the website is secure
In the corner of the URL field of your browser, you can see a small lock icon This signals that the webpage you are on has privacy protection installed: SSL (Secure Socket Layer). Another telltale sign is if the URL of the website starts with “https”.
4. Do not use public networks for buying online
Since public networks are publicly available, anybody can gain access to the WiFi an intercept what you are doing on the web. Your personal financial information could be easily grabbed by an identity thief. If you are in a public place, the best thing to do is to buy online with your own, private mobile data.
5. Use a credit card over a debit card
If your card information is hacked and purchases are made without your permission, credit card laws protect your rights better than debit cards. Your potential liability for fraudulent debit card transactions is virtually unlimited and you lose whatever money was taken. On the other side, your liability for fraudulent credit card transactions is $50 and the credit card issuer will have to fight to get its money back.
6. Use PayPal when possible
Using PayPal may be safer than giving your credit card number or bank account information directly to the website you are buying from. All your information is stored in one place, at PayPal, and is not spread out between every online shop you purchase at. Also, your data is stored on servers that aren’t directly connected to the internet and payments are made through a secure gateway that does not transmit the payment information to the merchant.
This does not mean that PayPal is immune from data breaches, but the company is working together with hackers and pays them if they find vulnerabilities in its system.
7. Do not give out more information that you need to
No upstanding shoe merchant needs to know your social security number, so be careful about what type of personal information is requested on the webshop, and just think if they really need it all. The safest thing is to just leave the “optional” fields empty at all times.
8. Use a strong password or multi-factor authentication
When shopping online, most people create an account on the webshop and save there personal data and credit card information. To make this data more secure, use a strong password to access this account or, better yet, enable two-factor or multi-factor authentication. This ensures that if a hacker gets hold of your login credentials and password, he still won’t be able to access your account.
9. Extra tip: Use a dedicated computer for financial transactions
This is an extra tip because it is not something that every person can do. The dedicated computer can be used in a VPN tunnel, separating it from the other computers or phones on the network, limiting unwanted access. It should also be used solely for online shopping and for nothing else (social media, emails, etc.) minimizing opportunities for malware infection and phishing. You can also go one step further and make sure that only adults in the family have access to it, thus avoiding unwanted buys from unsuspecting children.
What does online shopping have to do with Kiuwan?
At Kiuwan, we have a passion for everything related to online and application security. We want customers to be safe buying online as much as we want the financial applications used by shop systems to be secure.
That’s why we strive to support software development with a security solution aimed at making applications secure directly from the very beginning: the source code.
If you have any questions about Kiuwan and what we do, please contact us and we will be glad to get to know you!