Why Online Merchants Are Tempting Targets
For years, banks and financial services firms topped the list of industries most frequently targeted in online attacks. As a result of bad publicity, high-profile data breaches, and stricter government regulations, most banks have since tightened their security policies and procedures, making it harder for scammers to steal customer information.
Online merchants are now among the most exposed industries for scammers to steal information from and commit fraud against. Let’s look at the top three reasons why cybercriminals attack merchants:
- Online merchants have data that turns a profit. Cybercriminals know that they can get much of the same information from an online merchant that they’d find at a typical bank, including customer names, addresses, credit card numbers, and bank account details. A clever scammer can use this data to commit identity theft or other types of fraud, or even sell the info on the data black market to big cybercrime rings.
- Scammers use many programming languages. Cybercriminals know the security shortcuts that online businesses, especially small ones, take to save time and money setting up and maintaining a commercial website. As a result, the crooks know how to exploit vulnerabilities in the code.
- Scammers know many online businesses are lean organizations. Those who work for a small company often have multiple roles. When an online company’s marketing intern is also in charge of patching servers and updating browsers, some tasks may not be done properly. Unfortunately, mistakes in this area can be costly. Many online retailers running transaction servers don’t have a formal way to patch software on their servers, and today’s cybercriminals and malware authors are experts in exploiting the vulnerability of unpatched servers.
Without strong security software, solid policies, and best practices for online security, Internet merchants—large or small—are in danger of being attacked by one (or more) of seemingly endless strains of damaging malware.