Safer online Christmas shopping
December 2013 could prove to be the busiest online retail period in history and security firms are warning online buyers to take all necessary precautions to prevent falling victim to fraud this Christmas.
With ‘Cyber Monday’ kicking the month off, shoppers will be turning to the internet for all manner of gifts right up until Christmas Eve and then no doubt hitting the sales from Boxing Day onwards.
However, Alex Grant, managing director of fraud prevention at Barclays, has warned that Christmas will have come early for cyber-criminals if shoppers don’t take some basic precautions when purchasing online.
4 million Britons scammed in 2013
Speaking to The Telegraph, Grant cautioned: “Our research has shown that internet shoppers will be faced with a high level of threat to their personal and financial information as they hit the online stores this Christmas.”
According to research from Barclays and Kaspersky Lab, more than four million Brits have fallen victim to scams over the past year. So what can shoppers do to remain safe?
Firstly, security experts advise shoppers to ensure their bank is displaying up-to-date contact details so that any suspicious activity can be reported.
It is also vital to ensure computers are running anti-virus software which is fully updated. Home users should ensure firewalls are switched on, something which can be done in both Windows and OS X.
When making an online purchase, it is always a good idea to ensure the URL of the store you are visiting begins with ‘HTTPS’ rather than HTTP. This is a secure protocol which encrypts data between you and the online server.
Always use strong and unique passwords made up of a combination of upper and lower case letters, numbers and symbols.
| •|| Finally, be wary of clicking links sent via email. The safest way to avoid falling victim to a phishing attack is to visit a site directly. |
After taking these precautions, if shoppers still suspect they have been a victim of online fraud, they are encouraged to contact Action Fraud on 0300 123 2040 or visit actionfraud.police.uk.
It is not just Christmas shoppers who are at risk. This year we have seen many businesses defrauded out of considerable amounts of money, in the main part due to their company banking details being intercepted and compromised. The last few months have seen an upsurge in cyber-attacks leading to financial loss, for instance Birkenhead-based varnish producer AEV Ltd were subject to a phishing attack that enticed their financial control staff to inadvertently divulge the access codes to the online banking systems, the scammers then created bogus payee accounts and transferred over £100,000 of the Company’s money. A similar loss was experienced by a Baker “Truffles Bakery” who were subjected to a sophisticated virus attack that was originated from a bogus email from HRMC, the virus provided remote access to the fraudsters who used the information to access the firms online bank account and transfer some £20,000. These are a few examples of seemingly low profile businesses that have probably never thought they would be worth targeting by cyber criminals discovering the hard way that anyone with an online business account makes them a target.
THREE SUGGESTIONS TO MAKE YOU MORE RESILIENT TO A CYBER-ATTACK
Ensure staff are informed of cyber threats, educate them in how to identify the risks and what they should do to limit the threat. Coach them not to trust electronic communication, lay out the do’s and don’ts for financial system access - make your staff part of your defence.
Ensure your malware protection is robust - use all the features your solution has available (virus scanning is no longer sufficient) and have multiple lines of malware defence such at the gateway and the endpoint - detect the threat at the earliest possible opportunity.
| 3)|| Tighten up your system configuration to have a ‘least privilege access policy’, actively check for and remove vulnerabilities - deny hackers the ability to infiltrate your systems.|
If you want to do more and are not sure where to start then consider taking on our Cyber Assessment Service. we WILL undertake an assessment of your cyber security defences against the 20 best practice controls for cyber security, reporting on what needs improving and identifying key gaps in your defences.
Please email email@example.com if you would like to know more about this service.