Sharad Sawant, an avid online shopper, is keeping away from shopping websites this festive season. “Online shopping has become tedious, with spam offers and other security scares such as loss of credit card information. I would rather shop in stores than get duped by clicking on some wrong URL,” says Sawant.
His fears are not unfounded. Venkatasubrahmanyam Krishnapur, senior director, McAfee India, explains: “When searching for gifts online, beware that cybercriminals are busy putting up malicious holiday-themed content such as Diwali ringtones and e-cards as well as dangerous websites designed to spread malware or to steal information.” He wishes to bust the misconception that popular websites are infallible from cyber attacks and that it is safe to shop at such sites. “Cyber criminals are now so sophisticated that they can also fake the ‘s’ after the ‘http’ in a website address, which is usually considered one of the ways to secure a site,” adds Krishnapur.
Probably that’s why e-commerce portals such as Myntra.com, HomeShop18, buzzr.in and dealsandyou.com are leaving no stone unturned to ensure their customers are not duped by phishing and fraud sites. And, assisting the portals in these efforts are online security service providers and analysts. For instance, HomeShop18, that witnessed a 50 to 60 per cent increase in traffic this festive season, has added a mechanism for consumer education so that customers don’t fall prey to any scam. “We follow an extremely secure encryption of 256 bits. There is also a back-to-back arrangement with payment gateways to ensure that no misappropriation takes place during the payment process,” says Narasimha Jayakumar, COO (e-commerce).
Another e-commerce portal, buzzr.in, has installed strict measures to avoid online frauds. “Password data is stored in encrypted format, there are daily backups to avoid loss of data by users and we have a policy of not sharing email addresses. Permissions need to be taken to contact users by email,” says Kunal Jain, founder of buzzr.in. The website has also eliminated payment gateways for consumers and adopted a method of charging advertisers based on interest per deal, thereby ensuring a smooth and secure use. Similarly, dealsandyou.com has ensured no credit card numbers are stored on the website. “We have also been credited by Verisign and Thawte, the companies that provide online certificate, as being secure for online transactions,” says Arvind Verma, IT head, dealsandyou.com.
McAfee, one of the world’s largest dedicated security technology companies, has noted that scammers tend to tailor their emails and social messages with festive themes in the hope of tricking gullible recipients into revealing personal information. Alternatively, spammers attach malware to such greeting emails, attracting recipients to click on these, which in reality could result in unleashing of a malware on their system.
“Watch out for those ‘too good to be true’ offers. Such offers could be a part of a counterfeit operation designed to get your credit card details. On receiving such online offers or discounts, exercise the same caution that you would if an unknown person from the street tried to sell you designer goods at an irresistible price,” explains Krishnapur. From a solutions perspective, it is no longer sufficient to have anti-virus solution alone. McAfee advises that users must consider add-on features such as anti-phishing toolbars, password encryption, along with a security solution.