Identity theft and falling victim to a scam or fraud are top of the list. The growth in popularity of online shopping websites has brought an increase in the activities of cybercriminals that are targeting unwary consumers. If you’re going to get the best out of your online shopping activities — without falling prey to criminals and Internet scams — you need to take a few precautions.
Here is the interview we had with Bethwel Opil, Channel Sales Manager, Kaspersky Lab in East Africa.
How do cyber-criminals take advantage of innocent shoppers’ online and what do they need to know about the cyber space and how can they stay protected?
Cyber criminals know and understand their audience well. They know that by merely sending an email to a consumer, who is unaware of and therefore their PC is unprotected, is an easy way to target them and obtain the information for personal or financial gain.
For example, cyber criminals could send an email claiming a person has won the lottery or an x amount of money due to a competition – in an attempt to lure a consumer in. The emails usually go on to explain what you could use your winnings for. Then the consumer may be asked to pay a small sum to “release” the winnings – and the emails asks you to send your online personal details, as verification. Many people do this without thinking – and then suddenly fall victim to identity fraud and the money sent can never be retrieved.
In our experience, we have seen consumers fall for this type of scam time and a time again.
Our advice to consumers is that if they ever receive an email like this, is undertake a quick Google search to see if this email is legit. (It never is.) We all want to find an easy windfall, but if you did not enter a competition or played the lottery, the odds are you haven’t won any money. Never send your personal information via email to anyone you don’t know (not even banks ask for this information via email), and never trust anyone trying to give you money for nothing. “If it’s too good to be true, it usually is.”
Further signs to look out for regarding fake emails are:
– The email is from a person, not a company.
– You are not the only recipient.
– You have never heard of the lottery mentioned.
With the growing cyber criminal world – what can users do when their online identity gets compromised or cloned?
As soon as you realise that you have been victimised think about your recent online activity. Did you respond to any emails that appeared to be from financial institutions claiming that your account was suspended or under review? Discover the source – it is important to know the origins of the attack.
Start making calls – once you’ have discovered the theft; begin with any companies where fraud occurred, such as your credit card issuer or bank. Ask them to close or freeze your accounts, and change all of your login and password information.
Protect your future – when an event like this occurs, know how and when to react, as it is important to take preventative measures, such as safe Internet surfing habits, and having solid Internet security solutions installed on all your internet-enabled devices, use effective/strong passwords. And while this all may sound a bit overwhelming, it pays to know what to do if your identity is stolen. These tips can help mitigate the damage and help you get your life back on track.
Do Kenyan shoppers need to worry about cybercrime or it’s still too early and safe?
Yes – Kenyans need to make protection of information on their mobile devices and desktops a priority. Cybercrime is a global issue that affects everyone – businesses and consumers alike. We live an era where information and technology is growing exponentially, which is great, but so too do the cybercriminal tactics/activities advance.
The realities of online fraud – what are some of the signs people can look out for and are Kenyan consumers at risk?
Everyone is at risk, including businesses and government departments. Though we are seeing cyber criminals focusing most of their efforts on industrial business as the industry is becoming increasingly connected. Smart cities are also developing fast with many devices, web services and cloud solutions helping people, businesses and governments grow further, but at the same time leaving them vulnerable from a security point of view. This is not to say consumers are exempt. So always be on the lookout for activity:
- The Locky malware – this is a Trojan that encrypts the users file, so they cannot access it at all and then displays a message with the attacker’s ransom demands, usually money, which is to be paid before the file can be opened. This form of activity is spreading rapidly and has targeted, and successfully attacked, organisations in over 114 countries.
- Skimmer – this is the first malicious programme that targets ATMs. It stems from a Russian group, and is a code that has been created allows them to infect the whole ATM with a Backdoor.Win32.Skimer. As a result, criminals can now withdraw funds from the ATM or grab the data from cards used at the ATM: including the customer’s bank account number and PIN code – without being detected.
How can banks, credit card firms and online stores do to protect their customers while shopping online?
Banks – we encourage all financial institution to carefully scan their networks regularly for any suspicious cyber espionage. If detected, our advice is to disinfect their systems (Kaspersky Lab products have successfully detected and blocked malware of this nature) and report the intrusion to law enforcement. Additionally, we also advise banks to protect the database, especially those that contain confidential information about the owners of accounts, not just their balances.
Online stores – do not store sensitive customer information. There is no motive to save thousands of customer accounts, especially credit card numbers, expiration dates and card verification value codes – and if online stores do not have the right security protection in place this this kind of information is very attractive to cyber criminals.
Credit card firms – credit card firms should implant a chip onto their customers’ credit cards, as this minimise card fraud and as such we are seeing credit cards firms undertaking this step to further safeguard their customers. The chips send encrypted, one-time codes for each transaction and makes the cards are difficult to read and copy.
What is Kaspersky doing to ensure online shoppers are safe?
Kaspersky Lab has a variety of product solutions such as Kaspersky Internet Security – multi –device 2016, which specifically protects any online activity on any device, as we understand that consumers not only want to get the best out of online shopping activities, but their entire digital world needs to be protected to ensure they do not fall prey to criminals and Internet scams. Further to this, we often advise online shoppers to take these precautions:
- Type the URL into the address bar
Instead of just clicking a link to take you to your chosen retailer’s website, it’s safer to type the retailer’s URL into the address bar on your web browser. It may take a little more effort, but this simple action can help to prevent you visiting a fake or malicious website.
- Manage and protect your online passwords
Using a password manager to help you to deal with and remember multiple accounts and passwords. The password manager also ensures that you encrypt passwords that would otherwise be in plain text. Some antivirus and Internet security software products include password management and password security features.