PaymentsJournal
No Result
View All Result
SIGN UP
  • Commercial
  • Credit
  • Debit
  • Digital Assets & Crypto
  • Digital Banking
  • Emerging Payments
  • Fraud & Security
  • Merchant
  • Prepaid
PaymentsJournal
  • Commercial
  • Credit
  • Debit
  • Digital Assets & Crypto
  • Digital Banking
  • Emerging Payments
  • Fraud & Security
  • Merchant
  • Prepaid
No Result
View All Result
PaymentsJournal
No Result
View All Result

Holiday Shopping: Linking to Gifts or The Trapdoor for Cybercrime

By Robert Capps
November 27, 2018
in Credit, Customer Experience, Debit, Fraud & Security, Fraud Risk and Analytics, Industry Opinions, Merchant, Mobile Payments, Security
0
1
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn
Cyber security concept, Man using smartphone and protect network

Cyber security concept, Man using smartphone and protect network on mobile screen.

With holiday shopping well underway, cybercriminals are fine-tuning their tactics to take advantage of merchants and consumers across the globe. Since 2013, over 13 billion data records have been lost or stolen in data breach incidents – and that number is only expected to grow.

As consumers spend more time and money shopping online, these criminals are looking to leverage any advantage they can find within existing online shopping systems. This year, the incidents of corrupt websites hosting banking trojans, downloaders, and credential stealers are skyrocketing, making up for 94% of malicious payloads in the third quarter of this year according to a recent report from Proofpoint.

Linking to the Badlands

Cybercriminals are now opting for embedded malicious URLs in emails, according to the Proofpoint researchers, eschewing their long tradition of attaching malicious files in the hopes that a user will open them. In the third quarter of the year, malicious URLs outnumbered attachments by over 370%. Research from NuData Security also supports these findings and has discovered fake antivirus programs and bogus browser plugins to be most popular, doubling their frequency in the second quarter of 2018.

These links are able to snag consumers without raising the traditional alerts that an attachment can cause – now that consumers are more aware of these types of phishing techniques. Businesses and consumers alike should take every precaution when sifting through promotional emails this holiday, as criminals will attempt to disguise phishing attempts as genuine offers. Just one bad click can trigger the download of a malicious program to their device.

While phishing has direct consequences for consumers, it also harms merchants who suffer from brand damage, customer distrust, and customer churn – where consumers move their business to a competitor they believe is more trustworthy. Phishing attacks emulate a trusted brand in potentially negative ways, so even if the victim doesn’t click any links in a phishing email, they are still exposed to fake communications that can change the user’s perception of the business who is impersonated. However, on the bright side, social media platforms have gotten much better at identifying phishing attempts within their platforms, boasting a 90% improvement in effectiveness over 2017.

Holiday Crime and Convenience

As mobile shopping adoption continues its upward trend, we’ll see more mobile purchases today than on a desktop device, and we’ll see more cyber attacks against users of mobile devices as they become a popular target for cybercriminals. Researchers at NuData Security have a found that high-risk mobile purchases were trending up 25.3% of total mobile purchases in the third quarter of 2018.

One of the stumbling blocks to consumer security on mobile devices is that mobile operating systems and browsers lack consistent and clear trust indicators, so the user may not recognize that a link they have followed has taken them to a malicious website set up to look exactly like the real store, instead of the legitimate site they intended to visit.

For consumers, one solution is to permanently dedicate some small portion of the screen to application identity. The operating system would provide an always-present identity bar that displays the name of the current application, and the browser could similarly provide a minimalist, always-present address bar that simply displays the domain in a small font.

Holiday Greetings

Merchants strive to provide an enjoyable shopping experience for their customers, especially during the hustle of the holidays – where they are more likely to switch to a competitor if getting a last-minute gift creates additional friction or inconvenience. Several new approaches are giving online companies the edge in protecting their customers, while locking out cybercriminals who blend in with the online crowd to do some pick-pocketing the digital way. 

To build lasting relationships, businesses need to recognize customers the same way as they would in a real store – without asking them for their name – and identify their customers without relying solely on credentials such passwords, usernames, and other information that can be easily faked or stolen.

Many businesses are implementing a multi-layered security approach that includes passive biometrics and behavioral analytics which identifies online customers by their behavior. Such identifiers as how a person holds their device, how hard they type, how fast that move from webpage to webpage are all part of the online mix to authenticate consumers. These key identifiers along with hundreds of other ones, are used to identify the person behind the device. So even if a phone, computer, iPad or other device is stolen, cybercriminals would be blocked as they try to make fraudulent transactions. At the same time, these cutting-edge technologies allow merchants to provide a memorable holiday shopping experience for true customers while offering them surprise rewards as well.

About the author:

Robert Capps is the VP and authentication strategist for NuData Security Inc., a Mastercard company. He is a recognized technologist, thought leader, and an advisor with more than 20 years of experience in the design, management, and protection of complex information systems – leveraging people, process, and technology to counter cyber risks.

1
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn
Tags: BiometricsCybercrimeCybersecurityMastercardMobile CommerceNudataSecurity

    Get the Latest News and Insights Delivered Daily

    Subscribe to the PaymentsJournal Newsletter for exclusive insight and data from Javelin Strategy & Research analysts and industry professionals.

    Must Reads

    Using the Card “Beyond” Payments to find the Holy Grail

    Using the Card “Beyond” Payments to find the Holy Grail

    May 14, 2025
    Payments Modernization

    Playing Offense and Defense: Why Now Is the Time for Payments Modernization

    May 13, 2025
    Authorization Rates

    Boosting Revenue for Merchants by Optimizing Authorization Rates

    May 12, 2025
    Why Payment Orchestration is the key to international merchant growth

    Ensuring Payment Decisions Pay for Themselves

    May 9, 2025
    cross-border

    As Businesses Reevaluate Cross-Border Relationships, Financial Institutions Can Help

    May 8, 2025
    Nacha WEB Debit Account Validation Rule Verification Solution, Quovo ACH Payment

    The Brave New Future of the Disappearing Account

    May 7, 2025
    solana financial

    After an Upgrade, Solana is Primed to Be the Blockchain of Choice for Financial Institutions

    May 6, 2025
    PAR values

    The Connecting Thread: How PAR Values Can Mitigate Fraud and Supercharge Loyalty Programs

    May 5, 2025

    Linkedin-in X-twitter
    • Commercial
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Digital Banking
    • Commercial
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Digital Banking
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    • About Us
    • Advertise With Us
    • Sign Up for Our Newsletter
    • About Us
    • Advertise With Us
    • Sign Up for Our Newsletter

    ©2024 PaymentsJournal.com |  Terms of Use | Privacy Policy

    • Commercial Payments
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    No Result
    View All Result