Cyveillance Announces Top Tips for Holiday Shopping

By Derek Iwasiuk
DomainInformer.com
December 06, 2006

Cyveillance, the leading provider of online risk monitoring and management solutions, offers consumers the most common Internet security exposures during the holiday shopping season and tips on how to avoid them. A survey shows that 47.1 percent of consumers plan to shop online* for the holidays, and those shoppers must find ways to protect themselves against digital threats that attempt to infect their computers, steal their personal information or otherwise defraud them. Cyveillance outlines some prevalent threats and provides tips to consumers on how to protect their computers, data and personal information and avoid becoming victims of online fraud.

•   Risk: Non-secure Web sites. Cyveillance estimates that over 30 percent of e-commerce sites do not properly protect user transactions with Secure Sockets Layer (SSL), which provides secure Internet transactions.

   TIP: Ideally, consumers should be familiar with the companies they buy from and ensure that they are visiting reputable Web sites. They should look for "HTTPS" in their browser’s address bar as well as a digital certificate indicating that their personal information will be encrypted during the transaction. By clicking on the certificate, consumers can determine if the identity of the site matches the information on the certificate.

•   Risk: Malware. This is software unknowingly installed on a user’s computer with the intent of stealing personal information or providing remote access to sensitive data.

   TIP: Consumers should make sure they have the latest security updates installed on their computers. They should also be extremely cautious when responding to special offers in spam messages or when visiting unknown Web sites. Free content sites and giveaways are commonly used to lure Internet users to dangerous sites that distribute malware. Avoid clicking on links in any unsolicited email.

•   Risk: Typo-piracy. This can happen when a user makes a typographical error when entering a domain name into a Web browser and is diverted to a different site than intended. Over 10 percent of registered domains redirect users to a different site with a different domain name than the one they intended to visit. Typo-piracy is a highly effective way for predators and fraudsters to divert visitors to their malicious sites.

   TIP: Be careful when typing the name of a site directly into the address bar of a Web browser. If a site looks questionable, re-enter the domain name to double check that it is the intended site.

•   Risk: Phishing. This is an attempt to fraudulently acquire sensitive or personal information, such as passwords or account numbers, through counterfeit Web sites and emails.

   TIP: Consumers should never respond to email solicitations from unfamiliar entities. Understanding the email policies of companies they do business with is crucial. Most reputable companies will never ask for personal information via email. Phishing scams are no longer limited to online banking and eBay users; new attacks use more tempting offers and sophisticated tricks to lure victims. These threats often include special offers on holiday travel, exceptional deals and pricing on consumer goods, paid surveys, lottery winnings and other tactics. If an offer sounds too good to be true, it probably is.

•   Risk: Outdated security software. Purchasing and installing security software does not guarantee protection against security threats. As online risks evolve, out-of-date software can make computers vulnerable.

   TIP: Before shopping online, consumers should update their computers with the latest security patches and anti-virus software. These frequent updates offer protection from constantly evolving online threats, and installing the most current versions of security software is a simple form of protection. In addition, many malicious sites may attempt to change a user’s browser settings, such as the homepage or security options, which can lead to unwanted Web sites or malicious content downloads.

•   Risk: Public computers. Computers at public libraries or Internet cafes are used by hundreds of people daily. Not knowing which Web sites previous users visited or whether the computer has been infected with malware can put online shoppers at great risk.

TIP: Using an unfamiliar computer that could be infected with key loggers or other malware puts consumers at risk for credit card fraud or identity theft. In addition to installing anti-virus, spyware, firewall and pop-up blocker software to detect and protect against malicious programs, consumers shopping online should use computers they are familiar with and trust.

•   Risk: Gift cards. The National Retail Foundation recently estimated that as many as 70 percent of gift cards offered on eBay were obtained fraudulently.

   TIP: To avoid the possibility of fraud, consumers should purchase gift cards directly from retailers’ Web sites rather than through third parties. This way, they will also have complete access to the retailer’s refunds and other return and safety policies that are not available through third parties.

•   Risk: Convenience versus safety. Using the same username or password repeatedly can put consumers at risk for personal information and identity theft.

   TIP: Don’t risk security for convenience. Consumers should make a habit of using different usernames and passwords for sites they visit frequently and keep their login information in a secure place. To eliminate the risk of having personal data in unknown databases, consumers should always decline when a Web site offers to remember credit card or other information for future visits. In addition, one time use credit cards can be used for online transactions to greatly reduce the risk of fraud.

"The best defense is a good offense," said Todd Bransford, vice president of marketing for Cyveillance. "Shoppers need to take the necessary steps to be sure that the convenience of online shopping isn’t costing them their security and privacy in the long run."

ABOUT CYVEILLANCE

Cyveillance provides online risk monitoring and management solutions to Global 2000 organizations. The company comprehensively monitors the Internet using patented technology to deliver early warning of risks to information, infrastructure and individuals. Armed with this actionable intelligence and Cyveillance’s immediate corrective response capability, chief security officers can proactively protect their company’s reputation, revenues and customer trust. Cyveillance counts as clients over half of the Fortune 50 and three-quarters of the top Fortune 500 companies in the financial services, pharmaceutical, energy and technology industries. For more information on how to make your online experience a safe one, please visit www.cyveillance.com.

For more information, contact Tony Welz at 703-218-3555 or tony @ w2comm.com.

* The National Retail Federation’s 2006 Holiday Consumer Intentions and Actions Survey, conducted by BIGResearch, October 17, 2006.