Contact Contact Us

WEEKLY COMMENTS

As the festive season approaches, more shoppers are going online to shop for year-end gifts and snap up commodities on festive promotions. Promotions for Singles’ Day are over, and shoppers around the world await Thanksgiving Day, Black Friday, and Cyber Monday. Now is the especially busy period for cybercriminals who are targeting both online shoppers and online merchants to make away with their share of festive bounty.

Online shoppers may find themselves targets of phishing websites, phishing emails, greeting card scams, impersonation scams, travel scams, and SMS scams. These scams may deceive shoppers with unbelievably attractive discounts and trick them into clicking malicious links or disclosing personal information. On the other hand, online merchants who do not provide secure payment services for customers or have yet to patch their web servers and software with the latest versions may find themselves at the mercy of cybercriminals who have no qualms about compromising vulnerable websites for financial gains.

We advise online shoppers and online merchants to step up cybersecurity measures during this festive season. We urge online shoppers to avoid using public Wi-Fi networks when making online transactions, and ensure the website supports secure payment service before making online purchases. In addition, we recommend online merchants to patch their web servers and software to the latest versions and ensure their websites provide secure payment service for customers. Online merchants should store the database containing sensitive payment and personal information offline and implement two-factor authentication for customer logins to prevent credential stuffing attacks.

References:
[1] [SingCERT] Festive Shopping Advisory for Shoppers and Online Merchants

Ensign InfoSecurity Singapore
6 Commonwealth Lane
Singapore 149547

Tel: +65 6788 2882
Fax: +65 6788 3883