Wednesday, May 13, 2009

Security Risks Inherent with Online Shopping





Listed below are just a "few" of the risks when you shop online without HomeATM's PCI 2.0 Certified PED

Shopping online without a HomeATM PCI 2.0 Certified SafeTPIN leaves you vulnerable to cyberthieves. There are many ways in which hackers can steal your sensitiveinformation without you knowing it. Here is a list of some of thepotential threats you face when shopping online without our SafeTPIN:

Privacy-invasive software
– This is software thatmonitors your computer with the intent of stealing sensitiveinformation and is often of a commercial nature.

Spyware
– Softwarethat could be on your computer without you knowing it. Not only canSpyware monitor what you are doing (including watching you type in yourcredit card number), but it can actually change how you interact withyour computer.

Crimeware
– Softwaredesigned specifically for the purposes of identity theft so theattacker can access your online banking or online shopping accounts.

Man-in-the-middle attack (MITM)
– An attacker sitsbetween your computer and the computer you are trying to communicatewith (the shopping site), intercepting, and even changing, theinformation.

Trojan
– You install software that apparentlyperforms a useful function, but it actually has a hidden agenda. Onceinside, the attacker can watch your screen, save their files to yourcomputer and even control your computer.
|
Keystroke logging
– A method of recording yourkeystrokes. This is a very common way to monitor mouse operations andobtain screen shots or monitor what is typed on your keyboard.

Phishing
– You get an official looking email froma trustworthy source (like a bank or PayPal) asking for information ofsome kind (usually passwords, SIN numbers, credit card numbers etc.).Of course, the email is actually from a fraudster posing as someonelegitimate.

Memory sniffing
– A program that effectively “sniffs” out your memory, revealing passwords, credit card data and other such information.

Exploits
– Software or a sequence of commands that take advantage of a bug or vulnerability on your computer to take over your computer.

Disqus for ePayment News