The point that there is a significant number of people who have voiced concerns about identify theft, data breaches, and the like, illustrates that education is a major key to on-line safety. Certainly such knowledge is not a guarantee for protection. However, it is an indication that more U.S. consumers are at least aware of the dangers and that shoppers will use caution in selecting sites for on-line Holiday shopping.
"Nearly half of online U.S. adults, or 46% of more than 155 million people, say that concerns about theft of information, data breaches or Internet-based attacks have affected their purchasing payment, online transaction or e-mail behavior. Of all the behaviors affected, online commerce (including online banking, online payments and online shopping) is suffering the highest toll."
Also included in the article is the Gartner recommendation that enterprises employ a two-prong strategy in order to increase consumer confidence and reduce fraud, thus keeping the crooks out.
Follow me on this, please . . .
- Last week I provided information on the Password Manager bug in Firefox 2.0 with a followup report indicating that IE7 is Somewhat Affected.
- In October, I wrote about two-factor authentication in Closing the Gates on Phishing with information on the problems of two-factor authentication, including the "man-in-the-middle attack", trojan attacks as well as phishing.
Although the layered approach Ms. Litan refers to will help allieviate fraud, in light of the browser vulnerabilities and inherent problems with two-factor authentication, there will still be too many consumers at risk. What is encouraging, however, it the increased awareness by consumers to the dangers in unsolicited email:
'The two goals don’t necessarily call for the same technical solutions since the most-effective fraud prevention applications are often invisible to consumers and criminals,” Ms. Litan said. “A layered approach to solving security problems is the most effective. Companies should implement back-end fraud detection, stronger user authentication (beyond single factor passwords), transaction verification for high-risk transactions, and data masking/truncation of sensitive data that is shown on Web-based screens.'"
"Perhaps the biggest impact is a newfound and serious consumer distrust of e-mail. Nearly 70% of online consumers whose behavior has been affected by recent security incidents say that their concerns have affected their trust in e-mail from companies or individuals they don't know personally. Of these, more than 85% delete suspect mail without opening it."Thus, once again the reminder -- if you do not know the sender, do not open the email and, by all means, do not open any attachments! Just as we tell our children to be aware of their surroundings and teach them about "stranger danger", so should we ourselves remember the same thing in connection with our on-line activities. If you are planning on doing on-line shopping for Holiday gifts, stick to the sites you know to be safe. See additional suggestions here.