Jump to content
Reliance Jio & Reliance Mobile Discussion Forums
Sign in to follow this  
Karthik R

Safe Online Shopping

Recommended Posts

shopping_cart_development.jpg

Why do online shoppers have to take special precautions?

The internet offers a convenience that is not available from any other shopping outlet. From the comfort of your home, you can search for items from countless vendors, compare prices with a few simple mouse clicks, and make purchases without waiting in line. However, the internet is also convenient for attackers, giving them multiple ways to access the personal and financial information of unsuspecting shoppers. Attackers who are able to obtain this information may use it for their own financial gain, either by making purchases themselves or by selling the information to someone else.

How do attackers target online shoppers?

There are three common ways that attackers can take advantage of online shoppers:

  • Targeting vulnerable computers - If you do not take steps to protect your computer from viruses or other malicious code, an attacker may be able to gain access to your computer and all of the information on it. It is also important for vendors to protect their computers to prevent attackers from accessing customer databases.
  • Creating fraudulent sites and email messages - Unlike traditional shopping, where you know that a store is actually the store it claims to be, attackers can create malicious websites that appear to be legitimate or email messages that appear to have been sent from a legitimate source. Charities may also be misrepresented in this way, especially after natural disasters or during holiday seasons. Attackers create these malicious sites and email messages to try to convince you to supply personal and financial information.
  • Intercepting insecure transactions - If a vendor does not use encryption, an attacker may be able to intercept your information as it is being transmitted.

How can you protect yourself?

  • Shop from a Secure PC - Public computers in internet cafes, libraries or any other public place may be compromised and others would have access to the same computer. You will not be able to know if the network is secure and the computers may be set up to remember the login details automatically.
  • Use and maintain anti-virus software, a firewall, and anti-spyware software - Protect yourself against viruses and Trojan horses that may steal or modify the data on your own computer and leave you vulnerable by using anti-virus software and a firewall. Make sure to keep your virus definitions up to date. Spyware or adware hidden in software programs may also give attackers access to your data, so use a legitimate anti-spyware program to scan your computer and remove any of these files.
  • Keep software, particularly your web browser, up to date - Install software updates so that attackers cannot take advantage of known problems or vulnerabilities. Many operating systems offer automatic updates. If this option is available, you should enable it.
  • Do business with reputable vendors - Before providing any personal or financial information, make sure that you are interacting with a reputable, established vendor. Some attackers may try to trick you by creating malicious websites that appear to be legitimate, so you should verify the legitimacy before supplying any information. Attackers may obtain a site certificate for a malicious website to appear more authentic, so review the certificate information, particularly the "issued to" information. Locate and note phone numbers and physical addresses of vendors in case there is a problem with your transaction or your bill.
  • Take advantage of security features - Passwords and other security features add layers of protection if used appropriately.
  • Be wary of emails requesting information - Attackers may attempt to gather information by sending emails requesting that you confirm purchase or account information. Legitimate businesses will not solicit this type of information through email. Do not provide sensitive information through email, and use caution when clicking on links in email messages.
  • Check privacy policies - Before providing personal or financial information, check the website's privacy policy. Make sure you understand how your information will be stored and used.
  • Make sure your information is being encrypted - Many sites use SSL, or secure sockets layer, to encrypt information. Indications that your information will be encrypted include a URL that begins with "https:" instead of "http:" and a padlock icon padlock.jpg. If the padlock is closed, the information is encrypted. The location of the icon varies by browser; for example, it may be to the right of the address bar or at the bottom of the window. Some attackers try to trick users by adding a fake padlock icon, so make sure that the icon is in the appropriate location for your browser.
    photo.jpg


  • Use a credit card - There are laws to limit your liability for fraudulent credit card charges, and you may not have the same level of protection for your debit card. Additionally, because a debit card draws money directly from your bank account, unauthorized charges could leave you with insufficient funds to pay other bills. You can further minimize damage by using a single credit card with a low credit line for all of your online purchases.
  • Keep a paper trail - Print and save records of your online transactions, including the product description and price, the online receipt, and copies of every email you send or receive from the seller.
  • Check your statements - Keep a record of your purchases and copies of confirmation pages, and compare them to your bank statements. If there is a discrepancy, report it immediately.

Sourced part of the info from US-CERT

  • Like 4

Share this post


Link to post
Share on other sites

Very nice information and I would request all online shoppers to go through this..

The https was something I wasnt aware off.. +1 to you bhai...

Share this post


Link to post
Share on other sites
  Quote
Make sure your information is being encrypted - Many sites use SSL, or secure sockets layer, to encrypt information. Indications that your information will be encrypted include a URL that begins with "https:" instead of "http:" and a padlock icon padlock.jpg. If the padlock is closed, the information is encrypted. The location of the icon varies by browser; for example, it may be to the right of the address bar or at the bottom of the window. Some attackers try to trick users by adding a fake padlock icon, so make sure that the icon is in the appropriate location for your browser.

Is it possible for the hackers to create a https site and still loot people of their money?

Share this post


Link to post
Share on other sites

Https serves the purpose of encrypting and decrypting user page requests as well as the pages that are returned by the web server. The use of https protects against 'eavesdropping and man-in-the-middle attacks'.

And I dont think it possible for hackers to fake https as the same need to get certified.

Share this post


Link to post
Share on other sites

Thanks for the very informational thread dear Karthik Brother. +1 :)

Share this post


Link to post
Share on other sites
  On 1/29/2011 at 7:06 AM, Greatest said:

Very nice information and I would request all online shoppers to go through this..

The https was something I wasnt aware off.. +1 to you bhai...

I always take care to look up if its secure or atleat the payment page redirects me to ccavenue or paypal or some such gateway page that is encrypted.

Just yesterday, i wanted to purchase a classified and the payment page came with https// but there was a red line across it..

I simply walked away...

Share this post


Link to post
Share on other sites

Hi frndz,

I am planning to gift the following product to my friend

http://www.99labels.com/v1/item-details.aspx?SalesId=MTk1Nw==&ItemID=OTA3MjA=&CategoryID=MTk4MA==&SubCategoryID=MTk4OQ==

How is the quality of products on this site if any one have purchased from them.

Thanks.

Share this post


Link to post
Share on other sites

these guys are good , but their delivery is a tad late. i ve been buying since a long time. the goods are genuine.....

Edited by rohitgaur

Share this post


Link to post
Share on other sites

Thanks Rohit.

So I will order a bit earlier than planned so I can receive on time.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this  

×