Black Friday and the dark side of security!

Black Friday and Cyber ​​Monday, which follows immediately after it, are days that have become permanent fixtures in the calendars of many Poles. The shopping and sales frenzy is gripping customers and online stores, which are seeing an up to threefold increase in the number of visitors at this time. There are amazing deals everywhere, big sales and... ubiquitous risk.

Please remember that these days are also hunting time for all kinds of scammers and hackers. online security The scale of the risk is very large.

What problems can you encounter when shopping online?

1. Fake commercial offers - a real plague that grows stronger every year. Impersonating online stores, creating deceptively similar websites with very large discounts and products much cheaper than those of the competition.
2. Competitions, pop-ups with limited offers and suspicious offers sent by email.
3. E-mails impersonating courier companies with redirections to payments on fake bank websites.
4. Using the Internet without any security (often connecting to open Wi-Fi networks). The computer or phone is then susceptible to all kinds of attacks by viruses, Trojan horses and worms. Situations where people lost all their money from their accounts due to a Trojan horse are nothing new and rare. Not so long ago, there was a lot of talk about problems with the website of ING Bank Śląski. The hackers who broke into it stole users' passwords to access bank accounts.

How to protect yourself on the Internet?

1. We advise that when logging in to the bank or proceeding to pay for the purchased goods, you should always verify whether the address entered in the browser bar coincides with the actual address of the institution where we have our account along with the means of payment.
2. Above all, show common sense and attention. Let's not open e-mails and attachments from unknown senders, try to use only online stores we know and pay attention to the characteristic "green padlock", which means whether the website has a valid SSL certificate. Its presence is indicated by a url address starting with "https://" instead of "http://".
3. A good antivirus program and effective protection for your computer and phone.

Dangers and problems facing online stores:

1. Server overloads and inadequately prepared IT structure.
2. Lack of an efficient monitoring system and inadequate competences of people responsible for security.
3. Poor system architecture of the e-commerce application, which is not ready for increased traffic, number of visits and purchases.
4. Lack of appropriate security procedures , including securing customer payments.
5. Lack of appropriate regulations in the seller-consumer relationship, often inconsistent with the Act on the provision of electronic services.
6. Lack of administrative access to your servers, domains and other accounts used for trading and customer communications. Lack of adequate IT security and awareness of employees.
7. Inadequate protection of personal data. Cases of theft happen even to the largest companies, so the problem cannot be underestimated. Moreover, personal data protection requirements (GDPR) are imposed on every operating online store by law. As an example of threats, we will cite the situation from last year.

An example of a lack of appropriate security measures for personal data.

At the beginning of December, the online store morele.net admitted to a huge data leak. Hackers stole a database that contained e-mail addresses, telephone numbers, and personal data along with passwords of 2.5 million store customers.

Before the matter came to light, hackers could attack morele.net customers with impunity for at least a month, perfectly impersonating the store, which they did in a credible and effective way.

After making the purchase, the customer received an SMS from the fraudsters asking for an immediate payment of PLN 1 to the order. He clicked on the link leading to the fake Dotpay website, selected the bank from which he wanted to transfer the money, left his login and password, and when finalizing the transaction, he confirmed that the fraudster had been added to the list of trusted recipients.

Consequences of a hacker attack on the website.

Since then, hackers have been free to wipe out the victim's account. Moreover, the online store has lost the trust of some customers. From December last year to today morele.net. saw a more than 6 percent drop in traffic, from nearly 12 million visits per month to over 8.5 million.

According to analyses, 1.36 percent of all transactions conducted on Black Friday and 1 percent transactions during Cyber ​​Monday may be an attempt at fraud. Assuming that the average value of one processed payment at this time in the world is 243 US dollars (approx. PLN 950), losses for sellers and buyers around the world may amount to millions of dollars.

Any online store can be a victim of cybercriminals; online platforms located in Poland are on the infamous list of the most frequently attacked websites. The scale of the phenomenon is huge, as many as 29 million attacks can be carried out every day around the world. That is why it is so important to protect your own safety and the safety of customers for an online store. In the second case, implementing appropriate procedures and standards is, of course, time-consuming, but it will allow the business to develop in peace, without exposure to losses, penalties and lawsuits.

Do you want to check whether your online store is ready for proper and quick customer service? Will it allow you to develop and ensure adequate security of transactions?

Is the security of the online store properly protected against hacker attacks?

Conduct an IT audit with www.teleaudyt.pl

Please contact us by phone or e-mail.

• E-mail contact: kontakt@teleaudyt.pl
• Telephone contact: +48 12 306 77 61