This year’s peak shopping season, which kicks off this month with Black Friday and culminates in the traditional pre-Christmas rush, will be markedly different thanks to the Covid-19 pandemic.
With social distancing the norm, more people will turn to online shopping to get their gift fix. And even though consumers must be more security-conscious to mitigate against the risk of identity theft and online fraud occurring, retailers themselves need to be vigilant as malicious actors will try and exploit the situation.
“The e-retailing environment in South Africa has diversified significantly to not only encompass the traditional giants, but also include a spate of new entrants. Many retailers went online during the lockdown with lots of ‘mom-and-pop’ stores also adding a shopping component to their Web presence,” says Carey van Vlaanderen, CEO of ESET South Africa.
She says the availability of more user-friendly tools to create websites and add online shopping features will inevitably introduce an element of risk to the buying and selling experience. This is more so the case if these elements are not implemented properly.
“Fortunately, several local banks have introduced authorisation features within their apps. This lets consumers authorise any online transactions without requiring a third party. Even if consumers are protected from online fraud, the retailers have a more difficult process to follow. Banks are pushing online sites to have all the required security safeguards in place and to take a zero-tolerance policy to fraud. It is especially during the payment authorisation phase where those smaller e-tailers unfamiliar with the processes can fall short,” she adds.
Shifting security trends
Much like everything else digitally, the way cybersecurity is consumed has evolved.
“There is massive opportunity in adopting a monthly subscription model for cloud-based cybersecurity solutions as opposed to buying a licence annually. Moreover, the increase in number of people working from home has put more focus on security than ever. People are finally understanding some of the risks associated with their daily online activities.”
ESET researchers are encountering more than 350 000 samples a day of different malware. In many ways, this has been a constant threat and retailers and consumers are aware of some of the ways to keep themselves safe. Increasingly, social engineering attacks have come to prominence where security involves more than just installing software and must include people doing things right in the online world.
“As cybersecurity experts, we have taken up the challenge of educating the market on the types of attacks out there, especially as they relate to social engineering. Recently, we launched cybersecurity training on our site to further empower business and home users alike on what constitutes best practice. But there must be a willingness from people to learn and adapt their online behaviour accordingly.”
More than antivirus
Van Vlaanderen admits that despite these efforts, there is no such thing as perfect security.
“When we started ESET 16 years ago, the focus was on antivirus. And while this is still important, it is about giving retailers and consumers a different experience. As such, it is about making cybersecurity consumable over the cloud from the installation process all the way through to monitoring, patching and scanning. This is where a managed service provider (MSP) model works well. We are working with our resellers to ensure the customers experience cybersecurity as effectively and easily as possible.”
She says it is about bringing a product to market that is easy to click and install in a beautifully rich UI environment. The cloud has reinvented how security is done by introducing options such as remote management that can greatly enhance security for retailers and consumers.
To help protect themselves, consumers should always buy from well-known, reputable stores or sellers. Some scammers set up highly elaborate and genuine-looking websites. Some tips to consider is reading online reviews of the site and, if high-priced items are purchased from auction sites, always check the seller’s credentials.
“And while no payment method is impervious to fraud, some methods are safer than others. Credit cards are a good means of payment when shopping online, because banks keep a close eye out for fraudulent activity and charges. Most banks have a zero-liability policy on their credit cards that protects cardholders against credit card-related theft and fraud. So, if you are unfortunate enough to have been scammed, you can alert the card issuer to dispute the charge and get it reversed quickly.”
Naturally, cybersecurity solutions like antivirus, firewalls and Internet protection must be installed on any connected device as a matter of course. These must also be kept up to date with the latest patches. The good thing about cloud-based solutions is that they are always updated so users do not have to worry about this part of the process.
“Black Friday and Christmas sales specials are also easily exploited especially when it comes to deals that are too good to be true. This is an easy way for scammers to get you to divulge your private and financial information by selling non-existent goods. Whether you are a retailer or a consumer, vigilance must always be a priority especially in peak shopping season,” she concludes.
About ESET Southern Africa
ESET began life as a pioneer of antivirus protection, creating award-winning threat detection software. Now, ESET’s goal is to make sure that everybody can enjoy the breath-taking opportunities that technology offers. Today, ESET security solutions allow businesses and consumers in more than 200 countries and territories to make the most of the digital world. Working with ethical and passionate people, ESET is building a safer technology environment for everyone to enjoy. This is being done through education and business’s commitment to research and development. ESET believes in technology – and wants to make sure that everyone can enjoy it in safety. Visit www.eset.com/za for more.
- This promoted content was paid for by the party concerned