A florist with an online store was horrified to find that $24,000 of her earnings had been transferred to another person’s bank account. Hosted on a third-party cloud-based platform, her store had been breached by a hacker.
The number of cyber crimes reported in Singapore has been rising steadily over the past three years, and those who fell prey to online scams lost $1.9 million in total last year.
Don’t want to be the next victim? Here’s what online businesses can do to fight the top four cybersecurity threats.
1) Theft by Hacking
The florist’s unfortunate experience shows us that hacking is a very real threat. Yet surprisingly, few online retailers guard against it. For instance, 86% of businesses on ecommerce platform Magento lack critical security patches, which makes them easy prey for hackers.
Hackers also frequently target online shoppers, as ecommerce platforms store large volumes of their personal data, such as names and contact numbers. These databases are treasure troves to cyber criminals, who can fraudulently apply for credit cards using the information or sell the data on the Deep Web.
As an online business owner, there are steps you can take to store data securely and protect your customers against hacking.
For example, you can encrypt your website with Transport Layer Security (TLS) certification to prevent third parties from accessing any communication between the website and browsers.
Your store should also comply with digital security standards in the payment card industry (PCI). This means you should not be storing sensitive customer information that can be easily misused, such as identification numbers and credit card security codes.
2) Bad Bots
Bots are automated software applications that crawl around the internet to perform various tasks. They are not always malicious. In fact, bots are needed to create search engine entries and track website traffic.
But bots are also used by criminals and business competitors for nefarious purposes. Termed bad bots, they are commonly used to invade ecommerce sites, slowing them down and blocking access by potential customers. Today, bad bots make up 21.4% of traffic on ecommerce sites.
By impersonating human users, bad bots also hoard merchandise in their shopping carts, preventing genuine customers from accessing them. On some sites, bots can even manipulate prices, dealing a further blow to the business.
A simple way to fight bad bots is to employ CAPTCHA, which stands for Completely Automated Public Turing test to tell Computers and Humans Apart. It helps websites to differentiate between computers and humans and weed out spambots.
3) Phishing Alert
Cyber fraudsters go phishing regularly to steal valuable information. They pass themselves off as a trusted entity, such as a bank or a government agency, in emails to bait gullible web users into clicking infected links, which would install malware that give attackers access to sensitive data.
Phishing has evolved into an even more sinister form known as spear phishing. This refers to attacks that target specific individuals or organisations. Victims may receive emails that address them by their real names or make references to the companies they work for.
In 2018, businesses in Singapore lost nearly S$58 million to such email-spoofing scams.
To thwart phishing attacks, ensure your operating system is updated and patched regularly so security holes can be repaired promptly.
You should also learn to spot bogus emails. For instance, check the email address and not just the name of the email sender. Beware, too, of shortened links, which cyber criminals often use to trick users into thinking they are clicking on legitimate links.
Most phishing campaigns include an urgent call to action to invoke fear and anxiety. Attackers know that such emails get the most clicks. So be doubly careful when you receive emails with threats about your password expiring in 24 hours or an email account getting terminated soon.
4) Poor Security Practices
The greatest cyber threat to all businesses comes from within the organisation.
Cyber security often takes a backseat to profitability, especially for fledgling online businesses. But one data breach is all it takes to destroy a brand you have worked hard to build.
Adopt best practices such as using a reputable ecommerce provider with built-in security features.
Good security practices also include setting up two-factor authentication, changing passwords regularly and checking your finances every day.
Cyber criminals are constantly devising new tricks and scams, so security awareness training is vital. Ensure that everyone in your organisation is up to speed on the latest invasion tactics.
As an online retailer, your first line of defence is to use an ecommerce provider with a proven security track record and tools such as SSL encryption. With Shoptiq, your business will benefit from a safe ecommerce platform backed by robust cyber security infrastructure. Get your 14-day free trial with Shoptiq today.