WHAT’S AT RISK
Credit card information for millions of online shoppers
WHAT IS IT
The number of credit card scams have dramatically increased as workers stay home during the pandemic. Yonathan Klijnsma, head of threat research at RiskIQ, reports that there has been a 20% increase in online skimming activity in March. While not all skimming is malicious, digital scamming activity has historically increased whenever large numbers of people are forced to make online transactions.
WHY IS IT OCCURING
“Ecommerce crime spikes whenever there is an event that forces or entices people to perform more online transactions,” – Klijnsma [Wired]
WHAT IS THE IMPACT
Shelter-in-place conditions create a unique environment where everyone is online shopping, as it’s the primary option at the moment. As technology develops, digital scammers have invented new ways of skimming for private information online. As such, firms need to develop more sophisticated and efficient measures of security.
This proves difficult right now, a companies are busy dealing with their own operational obstacles associated with the pandemic. Tupperware, for example, had been unable to respond to complaints about a digital skimmer that was extracting payment information until findings were published online.
The result is an increase in potential scams coupled with a slashed ability to respond to security threats on the company’s side; the perfect breeding ground for malicious hackers.
HAVOC SHIELD’S SOLUTION
For the time being, and as a general rule of thumb, stick to purchases only from known, big-brand websites (Amazon, Apple, Express) when making purchases and if you must purchase elsewhere, verify these sites on other websites that review credibility (CNET for company and product verification for example).
Although it’s difficult to tell if a website is a scam or not, this article from Digicert gives you some tips on things to look out for for fraudulent activity. Some of these include checking the SSL certificate (https instead of http. Http websites could still be safe by https is extra certification) and checking the domain (https://amazon.com).