By Derek Iwasiuk
December 06, 2006
Cyveillance, the leading provider of online risk monitoring and
management solutions, offers consumers the most common Internet
security exposures during the holiday shopping season and tips on how
to avoid them. A survey shows that 47.1 percent of consumers plan to
shop online* for the holidays, and those shoppers must find ways to
protect themselves against digital threats that attempt to infect their
computers, steal their personal information or otherwise defraud them.
Cyveillance outlines some prevalent threats and provides tips to
consumers on how to protect their computers, data and personal
information and avoid becoming victims of online fraud.
• Risk: Non-secure Web sites. Cyveillance estimates that over 30
percent of e-commerce sites do not properly protect user transactions
with Secure Sockets Layer (SSL), which provides secure Internet
TIP: Ideally, consumers should be familiar with the companies they
buy from and ensure that they are visiting reputable Web sites. They
should look for "HTTPS" in their browser’s address bar as well as a
digital certificate indicating that their personal information will be
encrypted during the transaction. By clicking on the certificate,
consumers can determine if the identity of the site matches the
information on the certificate.
• Risk: Malware. This is software unknowingly installed on a user’s
computer with the intent of stealing personal information or providing
remote access to sensitive data.
TIP: Consumers should make sure they have the latest security
updates installed on their computers. They should also be extremely
cautious when responding to special offers in spam messages or when
visiting unknown Web sites. Free content sites and giveaways are
commonly used to lure Internet users to dangerous sites that distribute
malware. Avoid clicking on links in any unsolicited email.
• Risk: Typo-piracy. This can happen when a user makes a
typographical error when entering a domain name into a Web browser and
is diverted to a different site than intended. Over 10 percent of
registered domains redirect users to a different site with a different
domain name than the one they intended to visit. Typo-piracy is a
highly effective way for predators and fraudsters to divert visitors to
their malicious sites.
TIP: Be careful when typing the name of a site directly into the
address bar of a Web browser. If a site looks questionable, re-enter
the domain name to double check that it is the intended site.
• Risk: Phishing. This is an attempt to fraudulently acquire
sensitive or personal information, such as passwords or account
numbers, through counterfeit Web sites and emails.
TIP: Consumers should never respond to email solicitations from
unfamiliar entities. Understanding the email policies of companies they
do business with is crucial. Most reputable companies will never ask
for personal information via email. Phishing scams are no longer
limited to online banking and eBay users; new attacks use more tempting
offers and sophisticated tricks to lure victims. These threats often
include special offers on holiday travel, exceptional deals and pricing
on consumer goods, paid surveys, lottery winnings and other tactics. If
an offer sounds too good to be true, it probably is.
• Risk: Outdated security software. Purchasing and installing
security software does not guarantee protection against security
threats. As online risks evolve, out-of-date software can make
TIP: Before shopping online, consumers should update their computers
with the latest security patches and anti-virus software. These
frequent updates offer protection from constantly evolving online
threats, and installing the most current versions of security software
is a simple form of protection. In addition, many malicious sites may
attempt to change a user’s browser settings, such as the homepage or
security options, which can lead to unwanted Web sites or malicious
• Risk: Public computers. Computers at public libraries or Internet
cafes are used by hundreds of people daily. Not knowing which Web sites
previous users visited or whether the computer has been infected with
malware can put online shoppers at great risk.
TIP: Using an unfamiliar computer that could be infected with key
loggers or other malware puts consumers at risk for credit card fraud
or identity theft. In addition to installing anti-virus, spyware,
firewall and pop-up blocker software to detect and protect against
malicious programs, consumers shopping online should use computers they
are familiar with and trust.
• Risk: Gift cards. The National Retail Foundation recently estimated
that as many as 70 percent of gift cards offered on eBay were obtained
TIP: To avoid the possibility of fraud, consumers should purchase
gift cards directly from retailers’ Web sites rather than through third
parties. This way, they will also have complete access to the
retailer’s refunds and other return and safety policies that are not
available through third parties.
• Risk: Convenience versus safety. Using the same username or
password repeatedly can put consumers at risk for personal information
and identity theft.
TIP: Don’t risk security for convenience. Consumers should make a
habit of using different usernames and passwords for sites they visit
frequently and keep their login information in a secure place. To
eliminate the risk of having personal data in unknown databases,
consumers should always decline when a Web site offers to remember
credit card or other information for future visits. In addition, one
time use credit cards can be used for online transactions to greatly
reduce the risk of fraud.
"The best defense is a good offense," said Todd Bransford, vice
president of marketing for Cyveillance. "Shoppers need to take the
necessary steps to be sure that the convenience of online shopping
isn’t costing them their security and privacy in the long run."
Cyveillance provides online risk monitoring and management solutions to
Global 2000 organizations. The company comprehensively monitors the
Internet using patented technology to deliver early warning of risks to
information, infrastructure and individuals. Armed with this actionable
intelligence and Cyveillance’s immediate corrective response
capability, chief security officers can proactively protect their
company’s reputation, revenues and customer trust. Cyveillance counts
as clients over half of the Fortune 50 and three-quarters of the top
Fortune 500 companies in the financial services, pharmaceutical, energy
and technology industries. For more information on how to make your
online experience a safe one, please visit www.cyveillance.com.
For more information, contact Tony Welz at 703-218-3555 or tony @ w2comm.com.
* The National Retail Federation’s 2006 Holiday Consumer Intentions and
Actions Survey, conducted by BIGResearch, October 17, 2006.