As the Holiday season gets into full swing a lot of people will be shopping online. I wanted to share some information with you about the security of your online transactions.
Web site skimmers are on the rise and a surge is being seen in the recent month. A website skimmer is when the hackers insert code, usually javascript, on an eCommerce web site payment page to skim off the card information from the entry fields.
Also, in my personal experience with small vendors and PCI/Credit Card protections, most are non-compliant in some regard and put card information at risk.
To help protect yourself from these examples of online card theft I would like to suggest the following ideas:
Use a trusted online payment provider such as PayPal if given a choice instead of providing your card number. AND setup and use 2-factor authentication on that provider.
Use a separate debt card/bank account for online purchases than your main bank account. Transfer money to that card/account as needed.
And as a bonus tip, When purchasing in person, if given the option to use chip vs swipe ALWAYS choose chip. This generates a one time use card number so the retailer does not end up with the card number on the front of the card in their database.
As an FYI, companies that have been targeted for e-skimming attacks recently include NewEgg, TicketMaster, British Airways, Sesame Street Live, Forbes magazine, Picreel, Cloud CMS to name a few. These last two provide e-commerce checkout services to other sites.
Daniel Weatherly
Director of Security Services
Mainstream Technologies Inc.
501-801-6706