We all know Cyber Monday is a huge day for online purchases. However, what most Cyber Monday shoppers don’t know is that most retail sites on the web are not secure. According to VentureBeat, 61% of malicious sites are trusted sites that have been infected.
For developers and companies with a retail web presence, it is crucial to security test for in-the-wild vulnerabilities before a big day like Cyber Monday. And for customers, there are ways to protect yourself from attacks while online shopping. Here is Robert Bunge of VentureBeat’s best practices:
“Password Security – Strengthen and lengthen your passwords
Mix in numbers and special characters, and avoid proper names and sequential number strings (i.e. 12345). And don’t use ‘password’ as your password – the most popular password in 2011 was ‘password.’
The username and password combination is the most typical way to prove your identity on the web, but weak and ineffective passwords open the door for identity theft. The first general rule of password construction is to make it long. A short password can be cracked easily by a high speed program.
Use different passwords on different web sites and change them every so often. Failure to do this means loss of a password by one merchant could expose your accounts on all the others. Passphrases are a good way to generate strong, yet memorable passwords. Here is one example: ‘Oh say can you see by the dawn’s early light’ becomes ’0Scucb+de1.’
Trusted Websites – Only shop on reputable sites
Look for the SSL certificate and ensure the site starts with https:// and has a padlock icon.
The risks of shopping online are similar to face-to-face transactions. About.com offers the following general tips to minimize your risk. First, debit cards are the worst non-cash option. Why? If the card is stolen or the goods are not shipped, you are on the hook for any fraud or loss. PayPal and credit cards offer more robust dispute resolution and fraud prevention. PayPal will appeal to those who do not like to give out a credit card number. However, if PayPal is tied directly to your bank account, you need to monitor for suspicious activity in that account.
One good technique when considering a new merchant is to check that company name in one or more search engines. If the words ‘scam,’ ‘fraud,’ or ‘rip-off’ pop up, consider yourself duly warned! Also verify that the URL matches the merchant. Scammers often load the left-hand side of the URL with real company names to lure you in.
Payment – Use only one form of payment: a credit card
Putting your debit card information online opens up details to your checking account. Consider using sites with the PayPal and VeriSign icons. Having a dedicated credit card for online shopping is a good idea; it helps you spot problems and reduces your risk to other accounts.
Secured Networks – Never shop on an open Wi-Fi network
If the network is open, your information is open.”
To read the rest click here. What’s your favorite site for Cyber Monday shopping? Let us know in the comments section.