As Black Friday (November 28) and Cyber Monday (December 1) signal the start of the pre-Christmas spending rush, gadgetry will undoubtedly become more commonplace: as means of staying in touch or searching for presents as well as being given as gifts. With some organisations estimating that over 40pc of transactions during the Black Friday period will be carried out using a smartphone or tablet, Cifas – the UK fraud prevention trade body of banks, retailers and others – is urging people to ‘think before they click’ and help to protect themselves from falling victim to fraud because of technology.
As commerce increasingly moves into the world of portable online devices, it is important to consider that many aspects of our online behaviour have not yet transferred across to mobile devices. And, with over 80pc of all confirmed identity frauds recorded to the Cifas database in the first 10 months of 2014 being committed online, it is important that ease of use does not lead to complacency regarding security.
Cifas Communications Manager, Richard Hurley, says: “While there will always be risks when using the internet, it has generally become accepted that there are some minimum steps that must be taken: using different (and complex) passwords for separate accounts, anti-virus software, not clicking on links that look suspicious etc. Some of these steps, however, are not taken by users of portable devices – meaning that they are fundamentally at risk whenever they are online or checking emails. With identity crimes such as account hijacks and impersonations still predominantly carried out online, and with all the indications being that the data used to enable these frauds was obtained online, it is evident that – now more than ever – organisations must deliver clear messages on how to stay safe online and the warning signs regarding particular dangers.”
Steps to take when using a smartphone or tablet
While there are many things that can be done to keep yourself self when accessing the internet through a portable device:
Use different email addresses and different passwords for your various online accounts.
Never visit any website that uses financial details (such as banking or shopping) from a public wi-fi hotspot or from your smartphone. This is the online equivalent of talking to your bank manager on the phone in a busy public place: a criminal can intercept your details.
Block all spam emails. Never respond to unsolicited emails. Be careful of any links you receive in unsolicited emails.
When using smartphones or tablets, make sure you use all the device’s security features such as passwords and PINs. Remember to lock all devices when you’re not using them.
Avoid publicising your travel plans or posting holiday pictures while you’re away from home. Fraudsters and criminals will often look for obvious signs that you are away.
Visit: www.cifas.org.uk/avoid_being_a_victim.
Comments
Charlie McMurdie, senior cyber crime adviser at audit firm PwC said: “Cyber crime is a big business all year around but particularly at Christmas as consumers prepare to spend millions in online transactions. We are seeing cyber criminals become increasingly sophisticated and the threats harder to detect. But applying the same common sense as you would when shopping on the high street can help consumers to stay one step ahead.
“This isn’t just advice for consumers. With an average of 117,339 cyber attacks reported every day in 2013*, businesses need to ensure they are protecting what is important to them. Over the festive period there will be a surge in cyber attacks, as criminals look to exploit companies when they are least prepared. Therefore, no business can afford to stand still – they need to put measures in place to protect against incredibly sophisticated attacks that will strike without warning. Companies should also be ready to respond to incidents when they happen, knowing who they need to speak to when a breach occurs.”
Yo Delmar, vice president of GRC at MetricStreaming commented: “Events such as Black Friday and Cyber Monday have become increasingly important to retailers. Not only do they provide an opportunity for promotion but also offer new customers alternative experiences of how to shop. However, in the past year and a half there have been some high profile companies suffering data breaches, such as eBay and Target, due to the sophistication of today’s cyber threats. Indeed, with so many payment card details being registered, these events will inevitably attract cybercriminals and retailers must have processes in place to mitigate against this potential risk. For example, since spotting anomalous behaviour during a time of high activity can be incredibly difficult, companies should consider making no changes – or introducing any new processes/systems – to their existing infrastructure during these events. This would stabilise their normal background information, making it much easier to detect any suspicious activity.”
And Keri Dawson, vice president of industry solutions at the firm, said: “Black Friday and Cyber Monday are two of the most important shopping days of the year, both for online merchants and brick-and-mortar retailers. Due to the high volume of physical and virtual customer traffic, retailers have become increasingly mindful of how to optimise the customer experience while maximising sales. In the store, how a retailer handles the increased crowds – from store layout and product placement to staffing and security – goes a long way towards meeting consumer satisfaction. Online retailers must be even more vigilant of risks to transactional integrity – from website availability and stability to payment fraud and identity theft. Furthermore, social media offers unprecedented levels of information sharing, and every retailer should mind the risk of customer dissatisfaction. Disgruntled consumers’ tweets and posts can go viral almost instantly – a huge reputational risk that can directly impact a retailer’s share of the customer wallet. Customer satisfaction issues that arise at any other time of the year can often be addressed without media involvement, but problems that occur during the Christmas period are often amplified and live long in the memory. One way for retailers to help mitigate these Black Friday and Cyber Monday risks is to think about the whole shopping experience from the customers’ point of view and not simply from their own.”
And Darren Anstee, Director of Solutions Architects at Arbor Networks said: “Black Friday and Cyber Monday are key dates for e-commerce, making all organisations involved a target for attackers that are looking to make a point – whatever it might be. Traditionally these post-Thanksgiving events are US focused. But increasingly we are seeing retailers around the world adopting them as an opportunity to increase sales and in doing so, putting them also at risk. E-commerce downtime is always costly, and never more so than on Black Friday or Cyber Monday. Successful attacks result in lost revenue, lost reputation and potentially lost customer trust – all of which are hugely undesirable especially in the run up to Christmas.
“To protect the availability of their Internet properties from DDoS attacks, businesses need to have layered defenses. Attacks can be very large causing network congestion, or they can be stealthy targeting specific applications, using traffic that is very difficult to differentiate from that of a genuine user. In either case the end result of an attack can be service downtime if appropriate protection isn’t in place.
“Businesses that are reliant on the availability of their Internet properties for business continuity should ensure that they have layered defense: a cloud or service-provider service to deal with high-magnitude (volumetric) DDoS attacks; an enterprise or data-centre perimeter solution that can pro-actively deal with all attacks, including the more stealthy application layer attack vectors. And, ideally, these layers should be integrated. With appropriate defenses organisations can protect themselves from the DDoS threat, and ensure that they maximise their opportunities at this time of year.”
