No surprise that CBS News showed a 60 Minutes segment this past Sunday that alerted consumers about the risks of credit card fraud—just as the holiday shopping season began. But there was a surprising message from correspondent Leslie Stahl, who opened “Hi-Tech Heist” with this wake-up call to consumers and storefront retailers:
“Do you think twice when tying in your credit card number online, but have no problem handing over your plastic card at a store? Actually, you may have it backward. Your personal information may be more secure in cyberspace than at the mall down the road. That’s because it’s easier for dot-coms to protect the data, and most stores in America underestimate how vulnerable they are.”
The program went on to document how identity thieves steal credit card data while sitting outside a retail store whose wireless network is using weak or obsolete encryption technology. It was a wake-up call to bricks-and-mortar retailers to upgrade the security of their wireless systems, and acknowledged that e-commerce retailers are likely to have more secure communications technology in their customer service centers.
But online consumers shouldn’t let down their guard. There’s still a gauntlet of security threats awaiting the online shopper on Cyber Monday– and every day. Criminals, increasingly operating in organized gangs, are sending clever emails designed to direct you to a fake website where you can be duped into revealing your credit card and account information.
One critical line of defense is to add a phishing alert tool to your web browser. Microsoft offers a filter that works with their latest Internet Explorer, and warns you if a participating bank or commerce website can’t be verified by VeriSign.
Email services are another line of defense, since they can stop phishing messages before they reach your inbox. Yahoo’s email service recently started using domain keys to stop phishing emails purported to come from eBay and PayPal. (see http://blog.wired.com/monkeybites/2007/10/yahoo-mail-adds.html )
You can take some solace that your favorite e-commerce sites aren’t broadcasting your credit card numbers on an unsecured network. But as the Sergeant Esterhaus used to say on Hill Street Blues, “Hey, let’s be careful out there.”