BLOGDOG

Your personal cyber security and anti-hacking news

Is Online Shopping Safe: Myths and Facts

by: Omri Toppol
online shopping and credit card fraud prevention

Nothing can replace the convenience, variety, and ease of shopping online, and more and more people are starting to recognize this and move their shopping experiences to the online sphere, but while doing so, many people keep wondering – Is Online Shopping Safe?

In fact, Statista reported that global online shopping sales reached $1.7 trillion in 2015, and according to the report, 2016 is going to be even more epic with the current estimate at about $1.92 trillion. Hold onto your hats, people, because estimated figures jump even more in 2018, climbing to a staggering $2.35 trillion!

Cut away all the biz talk, and what you come away with is a simple fact: online shopping is hotter than breath mints at a kissing contest, and it’s a trend that isn’t losing steam anytime soon.

Is Online Shopping Safe? Clueless & Consuming!

Despite the fact that most of society eats, sleeps, and breathes online shopping, there is still so much misinformation circulating about this everyday resource, especially when it comes to the topic of online shopping safety.

While most people care more about getting a good deal on a pair of Cole Haan leather boots than they do about the seemingly-imaginary ghost of online security threats, the majority of folks still feel uneasy at that moment of truth when they type in those credit card digits and hit Enter.

The savvy e-consumer will check for security badges, notice anything fishy, and save their passwords responsibly.

But do you really know what to look for? What’s real and what’s not?

Check out some common misconceptions that everyday online shoppers have about using the internet, and lay some of your fears to rest.

The Padlock Icon Equals Security: Myth!

Probably the biggest myth in online shopping is the padlock icon.

We’ve written about the padlock icon before, but in case you missed it, here’s the general idea: Everyone knows to look for the security padlock icon when dealing with an online merchant website.

This little icon appears in the browser’s address bar and is supposed to tell us that the transaction is secure, right?

Well that’s not the whole story. Not by a long shot.

Padlock example

What the padlock really means is that any information sent between your computer and the online merchant’s server is encrypted.

That’s good news because it means that as your credit card details travel across the Web to the merchant’s server, the transaction details are unreadable to anyone who tries to intercept them.

Only your computer and the merchant can decrypt the data, making them readable and usable only to them.

This is not just a neat trick, but an important security measure, and you should keep looking for that padlock when you shop online.

The problem is that most credit card theft happens after the information has been stored on merchant servers.

Merchants generally hold payment info as part of the transaction details, and there are plenty of sellers that keep the data unencrypted. Even if credit card details are encrypted, they’re usually not encrypted with strong enough protection to be secure.

Here’s where the bad news comes in.

Anyone with access to these databases can see the information, including credit card numbers, expiration dates, and more.

It doesn’t take a genius to figure out that these are the databases hackers make a beeline for.

What can you do to protect yourself?

If the padlock isn’t enough to keep your details safe, then what is?

The answer is PCI-DSS certification.

PCI-DSS is a lot of letters but they mean one thing: bigger, better, stronger security for your information.

To get technical for a second, PCI-DSS certification can include more secure ways to store transaction details, server update applications, and other important  online shopping security measures.

Merchants that are PCI-DSS-compliant usually flaunt it, showing loud icons that shout from the rooftops “We’re certified!”

pci-dss

Buying from Well-Known Stores is Safe: Myth!

Big name brands spend a lot on security software, so they’ll obviously have better security than simple mom-and-pop-shops (most smaller websites use a standard, off-the-shelf e-commerce platform).

The problem here is that since merchants aren’t generally so tech-savvy, they won’t recognize any holes in the platform’s security, no matter how gaping.

On top of that, updates aren’t installed as frequently as they should be, and serious security flaws seep in, leaving your information unprotected and anyone using the website as sitting ducks.

Older platforms have vulnerabilities that are public knowledge: Hackers look for these easy targets, break into the merchant’s admin panel, and go shopping down the aisles of unprotected credit card data stored on the server.

So only shop at the big name online shops, right? Wrong. Even the biggest brands can be breached.

In early 2014, eBay was hacked and millions of usernames and passwords were stolen.

And sometimes lightning does strike twice in the same spot. The giant e-commerce platform was hit a year later through another security flaw.

Additionally, LastPass, a major password manager, was breached in 2015, and there are many other high profile companies that have been the victims of hacking attacks despite major security protocols being in place.

So while you can certainly do your best, nobody is truly safe when shopping online.

Online Shopping is Dangerous, Shopping at Brick-and-Mortar Merchants is Not: Myth!

Ok, online shopping is too sketchy for your taste, so avoid the problem by only shopping in brick-and-mortar stores.

As with most things in life, it’s just not that simple.

Your credit card information is just as vulnerable in a real store as it is online.

In fact, Home Depot, Target, and TJX stores have all had credit card theft incidents over the years amounting to hundreds of millions of credit cards being stolen.

Thieves like to use a unique form of malware specifically designed to infect Point-of-Sale terminals and steal credentials.

From restaurants to major and minor retail stores, PoS malware is everywhere today.

Card skimming is another easy way for hackers to pilfer your card details — small devices are carried in a card thief’s pocket or attached to a legitimate PoS terminal, and no one is the wiser.

When you hand your credit card over to a waitress, use an ATM, or swipe your card in any way, the potential for credit card theft is there.

In short, online shopping has its risks, and so does regular shopping.

It’s Always the Merchant’s Fault: Myth

Based on what you’ve read and heard, you probably assume that the merchant is at fault whenever credit card details are stolen. In reality that is not the case.

If the device you’re using (such as your PC, phone, tablet, or laptop) is infected with malware, the malware does all the dirty work, and the merchant comes out scot-free, having nothing to do with the breach.

Corrupted machines collect the transaction data and whisk it off to the hacker within seconds of your purchase.

Everything from email addresses and credit card details to bank account numbers and more can be stolen via this method.

Malware is a major threat, and sadly, most antivirus or security software cannot protect against these attacks. You can catch a virus on your work computer, laptop, tablet, or even smartphone if you aren’t careful.

So What Can You Do?

This is all sounding pretty doomsday, isn’t it? While there is no way to be 100% secure at every step of the online shopping journey (aside from not using credit cards at all, that is), there are precautions you can take to minimize the likelihood of your details being stolen.

The #1 most effective way of avoiding major issues like identity theft and credit card fraud is to stay alert by keeping the following in mind:

  • Keep a close eye on your bank account and other accounts attached to your name. Check your statements regularly and go through them carefully.
  • See if you notice any unusual activity or false charges. If so, notify the correct parties immediately.
  • Sign up for notification systems that send you an alert every time your card is used so you’ll always be aware of card activity.

Don’t leave this important matter to chance. Ask no more “Is Online Shopping Safe?” Take a proactive stance in protecting your identity and finances today.

 

 

Written by  Omri Toppol

Omri is LogDog's marketing guy. He is passionate about technology, digital marketing and helping online users to stay safe and secure

« | »

Leave a Reply

Your email address will not be published. Required fields are marked *

Other Posts

Get Protected

Enter your email and receive security updates * 100% privacy guaranteed, we will never spam you.
Mobile Analytics