LIVE TV
ZEE Business
ZEE BUSINESS
हिंदी में पढ़ें  हिंदी में पढ़ें
Live TV
Live TV
  • Home
  • Budget 2021
  • Personal Finance
    • PPF
    • Mutual Funds
    • Income tax
    • EPFO
    • Income Tax Calculator
    • Personal Loan Calculator
    • Car Loan Calculator
    • Home Loan Calculator
    • SIP calculator
    • SWP Calculator
    • MF Returns Calculator
    • Lumpsum Calculator
  • India
    • Companies
    • Property
    • Startups
    • Uidai
  • Economy
    • Aviation
  • Tech
    • Mobiles
    • Apps
  • Auto
    • Cars
    • Bikes
  • Markets
    • Commodities
    • Currency
  • Jobs
  • Indian Railways
  • World
    • Economy
    • Politics
    • Markets
  • videos
  • photos
  • Authors
  • More ...
    • VIDEOS
    • PHOTOS
Read in App
Business News » Personal Finance News

Online shoppers, your hard-earned money may be at risk! Avoid doing these

A malware is stealing data including usernames, passwords, credit card information and personal details.

  • Twitter
  • Facebook
  • Linkedin
  • whatapp
  • View in App
Online shoppers, your hard-earned money may be at risk! Avoid doing these
E-commerce websites are actively becoming one of the numerously targeted mediums for hackers as they hold the keys to vast volumes of customer data. Reuters
Written By: Akash Sinha
Updated: Wed, Sep 05, 2018
07:41 pm
ZeeBiz WebDesk
RELATED NEWS
E-commerce firms from now on should have grievance officers E-commerce firms from now on should have grievance officers
90 pct Flipkart sellers back on platform, 125 per cent rise in new MSMEs 90 pct Flipkart sellers back on platform, 125 per cent rise in new MSMEs
E-commerce policy may incentivise kiranas for joining online ecosystem E-commerce policy may incentivise kiranas for joining online ecosystem
Indian e-commerce on its path to recovery; regains 30% of pre-lockdown order: Report Indian e-commerce on its path to recovery; regains 30% of pre-lockdown order: Report
'Cash on delivery' orders likely to go down post Covid 'Cash on delivery' orders likely to go down post Covid

Are you an online shopper? If the answer is yes and you have saved your debit or credit card details on the e-commerce site, then you may be at the risk of financial fraud. A recent cybersecurity research report has claimed that a data-stealing malware has infected over 7,000 e-commerce websites worldwide. The malware has put even those on risk who have shopped from the infected e-commerce site but have not stored their card on the site for faster future purchases.

The malware is stealing data including usernames, passwords, credit card information and personal details. Willem de Groot, a well-known Dutch security researcher, has recently discovered a dangerous flaw in there is a dangerous payment skimming malware that has been stealing thousands from the users.

4.2% of all Magento stores globally are currently leaking payment and customer data pic.twitter.com/Utw9W3t3Oa

— Willem de Groot (@gwillem) August 27, 2018

Groot also claimed that Google has added magentocore[.]net to Chrome's blacklist, as shown by the plummeting infection rate.

Google added magentocore[.]net to Chrome's blacklist, as shown by the plummeting infection rate. pic.twitter.com/CEXp64H1E0

— Willem de Groot (@gwillem) September 3, 2018

The malware dubbed as MagentoCore has been affecting the e-commerce sites that are using Magento software. The malware was installed in more than 7,339 online stores in the last six months and has been affecting more than 50 new websites a day.

How does it work?

The malware is executing the brute-force attacks that are trying to crack the admin panel password. Once the password is cracked the malware injects a malicious piece of code to the HTML which records all the keystrokes from the customers and sends it back to the hacker’s main server.

Besides this, there is a recovery mechanism that deleted the malicious code after it has executed. The researchers analysed more than 2,20,000 websites and 4.2% of them were already leaking user data.

Ankush Johar, Director at Infosec Ventures,  an internet security solutions firm, said that organisations need to put in place proper cyber-security infrastructure to guard themselves and their customers against any such fraud.

"This is a reality check for administrators that even the tiniest negligence can lead to a massive disaster. Other organisations must take this as a lesson and make sure proper policies are implemented well across their infrastructure and more importantly is regularly audited. Moreover, even with all security checks in place, it’s extremely important to make sure that the proper alarm bells are in place, so that, even if cybercriminals find a way through, which they eventually will, it doesn’t take months for your SoC to even discover the breach,” Johar told Zeebiz.com

Johar also said that preventing post exploitation is as important as avoiding a breach because it’s not always about if you will get hacked, it's about when and how quickly will you be able to mitigate.

E-commerce websites are actively becoming one of the numerously targeted mediums for hackers as they hold the keys to vast volumes of customer data. Despite merchants on the Magento e-commerce platform being PCI DSS compliant, hackers were able to breach the Magento admin panel and install malicious scripts which were used to record keystrokes identifying sensitive credit card data.

This leads to a question that is it safe to save credit/debit card information on e-commerce websites?

"From an end user’s security viewpoint, there is not much one can do except avoid storing sensitive credit card information on e-commerce platforms and only dealing with brands and mediums that not only hold themselves to the highest standards and regulations of security and privacy but also stay ahead of the curve in terms of cyber security," said Farrhad Acidwalla, media entrepreneur and founder of CYBERNETIV, a cyber security & research firm.

What should a customer do?

* Avoid storing your card details on e-commerce sites.
* Keep a tab on your credit card bills and check for any suspicious transaction.
* If you find any transaction which is not done by you, immediately contact your bank. You may also get your card blocked.
* In case of a suspicious transaction, lodge a report with police.
* Use your card for purchases on trusted websites only
* Before entering card detail on any site, check if the page URL starts with https:// or it has a lock symbol in the browser bar.

Watch This Zee Business Video

Here are some best security practices for system admins:

* Proper auditing of source code: System admins are advised to conduct proper auditing of source code and look out for any unexpected line of code that wasn't supposed to be there. Use version control and monitoring services to get notified the moment a file on the server changes.

* Monitor access to your web server: Use proper Intrusion Detection Systems (IDS) and Log monitoring services to constantly track the kind of access your server is granting to users.

* Regular security auditing + VAPT: Its highly advised that the web admins carry out proper auditing and Vulnerability Assessment & Penetration Testing(VAPT) exercises to close as many loopholes as possible so that it isn’t extremely easy to hack your servers and web applications to upload malicious miners/malware.

* DDoS and Intrusion Prevention Systems: Deploy trusted DDoS prevention services to discourage attackers carrying brute force attacks and use IPS to block common attacks which will help in preventing exploitation even if a vulnerability has slipped past VAPT processes.

Get Latest Business News, Stock Market Updates and Videos; Check your tax outgo through Income Tax Calculator and save money through our Personal Finance coverage. Check Business Breaking News Live on Zee Business Twitter and Facebook. Subscribe on YouTube.

TAGS:
E-commerceonline shoppingCyber Security
RELATED NEWS
E-commerce firms from now on should have grievance officers E-commerce firms from now on should have grievance officers
90 pct Flipkart sellers back on platform, 125 per cent rise in new MSMEs 90 pct Flipkart sellers back on platform, 125 per cent rise in new MSMEs
E-commerce policy may incentivise kiranas for joining online ecosystem E-commerce policy may incentivise kiranas for joining online ecosystem
Indian e-commerce on its path to recovery; regains 30% of pre-lockdown order: Report Indian e-commerce on its path to recovery; regains 30% of pre-lockdown order: Report
'Cash on delivery' orders likely to go down post Covid 'Cash on delivery' orders likely to go down post Covid

LATEST NEWS

This is why Bill Gates prefers Android over iPhone

Stocks to buy with Anil Singhvi: Buy NBCC for bumper returns - Special Pick

You're going to land of spin, should expect that: Vivian Richards bats for same pitch for 4th Test

REVEALED: 'Laga bhi diya...' - What PM Narendra Modi told nurse P Niveda after COVID-19 vaccine shot

Nidhhi Agerwal: I have nobody to message, nobody to call

Petrol, Diesel Prices Today in your city– Monday relief; Know how to EARN MONEY from rising oil prices

Anil Singhvi’s Strategy March 1: Day support zone on Nifty is 14,465-14,525 & Bank Nifty is 34,650-34,800

Sovereign Gold Bonds Latest News: Looking for cheaper Gold? Here is your opportunity? Know here how to OPTIMISE gains

Bajaj Auto sales up 6 pc to 3,75,017 units in Feb

Stocks to Buy With Anil Singhvi: Thirumalai Chemicals is a top Sandeep Jain pick today

  • India News
  • World News
  • Companies News
  • Market News
  • Personal Finance News
  • Technology News
  • Automobile News
  • Small Business News
  • Income Tax Calculator
  • Live TV
  • Videos
  • Photos
  • Author
  • Rss Feed
  • Advertise with us
  • Privacy Policy
  • Legal Disclaimer

Latest Trending Updates

  • EPFO
  • Budget 2020
  • Income Tax Return
  • Auto Expo 2020
  • Home Loan
  • Business News

Trending Topics

  • Income Tax
  • income Tax Calculator
  • 7th Pay Commission
  • Reserve Bank of India
  • GST
  • Latest Business News

Follow us on

zeebiz
zeebiz

Partner Sites

  • Zee News
  • Hindi News
  • Marathi News
  • Bengali News
  • Tamil News
  • Malayalam News
  • Gujarati News
  • Telugu News
  • Kannada News
  • DNA
  • WION
Copyright © Zee Media Corporation Ltd. All rights reserved