The internet has revolutionised the way we shop. Online stores are ultra-convenient, speedy and accessible from lots of connected devices, and reputable online retailers have strong security systems. But criminals still target retail websites and customers.
This year has been pockmarked by examples of widely reported cybersecurity breaches, but many of them could have been stopped if basic steps to improve online security had been taken.
Indeed, forewarned is forearmed – so, what are the main risks you could encounter when online shopping?
This is when fraudsters send emails, purporting to be from reputable companies, in order to encourage individuals to reveal personal information – such as passwords and credit card numbers.
Phishing is the number-one concern for retailers, according to the British Retail Consortium’s (BRC) latest annual crime survey. Some 69pc of retailers surveyed rated phishing as a concern.
“Spear phishing” is also an increasing phenomenon, where people receive tailored scam emails designed to look like they’re from family, friends or favourite retailers.
The simple advice is: stay aware, and if you don’t like the look of an email, do not click on any links they ask you to follow. Instead, you should bookmark the site pages for retailers you use often, and only use these to access them.
“Consumers should be careful with their data,” says James Martin, crime and security adviser at the BRC. “Most importantly, they should never give out personal information or financial details just because an unknown stranger has requested them to.
“Instead, contact the company directly using a known and trusted email or telephone number.”
2. Theft of data
This growing phenomenon, primarily caused by system administrators and office workers with access to servers, was seen as a risk by 62pc of respondents in the BRC’s survey. The continent-wide General Data Protection Regulation (GDPR), which comes into force in May 2018, will set new standards in this space. Of course, many retailers will already comply with these and protect customer data well, but it means others will need to bolster their defences.
As Mr Martin says: “With more shoppers looking online to get the best deals, retailers continue to invest significantly in developing the right world-class tools and expertise to protect against cyberthreats. The BRC and its members work hand-in-glove with recognised experts from the public, private and academic worlds to support that.
“We would, however, encourage consumers to be careful with their personal data and only buy through trusted websites.”
Software intended to damage or disable computers and computer systems is third in the BRC’s list, with 54pc.
WannaCry, Cloudbleed and Equifax are three of the biggest examples of malware attacks in 2017, and compromised the personal data of millions of people.
The Government’s Cyber Aware campaign advises that consumers use strong and separate passwords to protect their email accounts; you can do this by choosing three memorable, random words, which don’t relate to personal information that may be easy to guess.
Retailers, too, have a responsibility to secure their online systems. “Retailers in the UK have some of the safest IT systems that can be found in any sector anywhere in the world, although they never rest on their laurels,” says Mr Martin.
“There are all sorts of databases and systems that look at patterns of unusual transactions, or transactions that use questionable information and will flag that so that they can potentially be stopped and investigated.
“Experts I speak to are comfortable that they stop something pretty far in excess of 95pc of the attempts they see.”
4. Fake online reviews
Five-star ratings can do wonders for online retailers, so it pays to be sceptical of write-ups that lack detail, or are too positive. If you are unsure about the validity of a review, try to check the source, and trust your gut feeling: if it doesn’t seem right, the chances are the product is substandard or it may even be a scam.
5. Counterfeit goods
Huge steps have been taken by online retailers to keep counterfeit products from their sites, but customers should still be mindful of the risk of imitation goods. Wherever possible, use reputable retailers.