For all the Hollywood movies about hackers infiltrating our once secure infrastructure and top-secret government databases through wicked genius, the truth of the matter is that most cybercriminals prefer to stick to methods tried and true. And no attack is more trotted out than phishing scams.
A phishing scam is an attempt to steal your personal or financial information (such as bank account numbers, passwords, login credentials, credit card numbers, etc.) using phony sign-in pages or spam emails.
Sadly, ecommerce sites are no strangers to phishing scams. All too often trusting customers are duped by crafty cyber crooks and convincing, albeit bogus, webpages. This is bad news for shoppers and for the ecommerce industry. Below are a few tips to keep in mind so you don’t get hooked by a phishing scam.
Marketing Email Sham: Spam emails are one of the most common ways phishing spreads. Telltale signs include vaguely urgent warnings about your account, links redirecting you to a sign-in page, requests to “confirm”personal information and malware-infected email attachments. One simple click can put you at risk and compromise your finances for years to come.
- What consumers can do: Avoid opening any emails from persons or brands you do not know well. Never share your personal or sign-in credential with anyone, especially via email.
- What ecommerce sites can do: Refrain from sending marketing emails with attachments or link redirects to sign-in pages. Assure your customers that you will never engage in these behaviors and ask them to report any suspicious spam carrying your brand name.
Funky Redirects: Website redirects are another way hackers pilfer personal information. You think you are shopping on a secure enterprise ecommerce platform, comparing prices and mulling your options over. You click the link to learn more, but before you know it you are on an imposter website turning your personal information to some malicious actor.
- What consumers can do:Check the address bar. Do you notice anything peculiar? Are you on an entirely different website? Get out of there and manually enter in the intended address.
- What ecommerce sites can do:Limit your website redirects to third-party websites. If a customer is leaving your site, let them know using an automated warning.
Phony Check Out Pages: Similar to the above scenario, cybercriminals will often redirect you to a phony check out page. This is bad news for shoppers and for store owners since consumers unwittingly give away their credit card information and store owners lose out on a sale.
- What consumers can do:Check the URL, if you see a ‘https’ in the address bar, it is more likely a legitimate website. Additionally, look for trust badges from the Better Business Bureau, Norton and Symantec.
- What ecommerce sites can do: Add trust badges to your checkout page to assure customers that your site is trusted by some of the world’s leading third-party business and cybersecurity companies.
Little Errors, Big Scam: To better safeguard your finances or your business it’s important to understand how hackers work. While some may employ a surgical technique to their scams, more often than not they try to cast a wide net to catch as many people as possible. This means they are developing spam emails and fraudulent webpages with great speed, which opens the door to little mistakes.
- What consumers can do: Scan the site for spelling errors (especially in the brand name), distorted logos, grammatical mistakes and more. It may save you big time!
- What ecommerce sites can do: Keep an eye out for imposter websites that might be scrapping your products and content to trick your shoppers. Report anything suspicious to your cybersecurity or ecommerce provider.
In the end it all boils down to following your instincts as a shopper and implementing all the stops when it comes to your site’s safety. If you are a store owner in the middle of comparing enterprise commerce platforms, ensure that your provider can offer the best in cybersecurity protocol. Stay suspicious, stay savvy and stay safe.
