With the increasing digitization and interconnection of devices, cyber threats have become increasingly sophisticated and varied, posing a significant challenge for consumers and companies worldwide.
A survey commissioned by Mastercard to Datafolha reveals that seven out of ten Brazilians have already experienced some digital threat, and 13% have had their data leaked.
According to the “Digital Security Barometer” edition released in 2024, 64% of Brazilian companies are targets of digital fraud and attacks with medium or high frequency, representing a 7% increase compared to the first edition of the study, released in 2021.
“The second semester is a period when online purchases are intensified, due to dates such as Children’s Day, Black Friday, and end-of-year celebrations. That’s why extra care is needed,” says José Luiz Assoni Jr., Solutions Integrator Analyst at Softtek Brasil, a leading multinational IT company in Latin America.
Some of the most common cyber threats in online shopping are:
- Phishing: a digital lure where criminals send emails or messages pretending to be from trusted companies to deceive consumers and steal their personal information;
- Theft of payment information: criminals use techniques such as fake websites or data interception to capture consumers’ credit or debit card information during an online purchase;
- Fake websites: fake copies of legitimate online stores, created to collect consumers’ personal and financial data and make fraudulent purchases on their behalf;
- Man-in-the-Middle Attacks: in this modality, criminals insert themselves in the communication between the consumer and the site to intercept and steal their confidential information, such as passwords and payment data;
- SQL Injection: a hacking technique that allows criminals to manipulate a website’s databases to steal personal information or even take control of the site;
- Credit Card Frauds: consumer credit card data can be used for unauthorized purchases, even if they have not directly provided this information to a malicious site;
- Credential Theft: criminals collect stolen passwords from different sites and try to use them on other platforms to access users’ accounts.
“These cyber threats exploit users’ trust to gain unauthorized access to personal and financial information. It is essential to be aware of these practices and adopt security measures to protect your data during online purchases,” explains Assoni.
How to Protect Yourself
Below, the executive lists some tips for consumers to protect themselves from these threats:
· Check the site’s authenticity: confirm the address and look for security seals;
· Use secure connections: avoid public Wi-Fi and prefer HTTPS;
· Create strong and unique passwords: use complex passwords and enable two-factor authentication;
· Keep your software up to date: install security updates;
· Use an antivirus: keep your antivirus up to date and perform regular scans;
· Be suspicious of offers that seem too good to be true: if it seems unreal, it probably is;
· Do not click on suspicious links: avoid links from unknown sources;
· Use a virtual credit card: protect yourself in online purchases;
· Monitor your accounts: review statements to detect fraud;
· Make regular backups: ensure secure copies of your data.
Assoni also warns about the role that social networks play in the spread of fraud, especially during Black Friday, and how consumers can protect themselves.
“Social networks play a crucial role, both positive and negative, during Black Friday. Among the main frauds that spread on social networks during this period are misleading advertisements and promotions, malicious links, fake profiles and stores, phishing scams, and fraudulent giveaways. In addition, there may be social engineering, manipulating consumers to give out confidential information,” warns the executive.
“To avoid these scams, consumers can practice some actions such as checking the store’s reputation and reading reviews from other consumers, as well as manually entering the store’s website in the browser and verifying HTTPS, confirming if the site has the security padlock. I also recommend using secure payment methods that have some protective factor, such as multi-factor authentication and tokenization,” Assoni recommends.
It’s worth mentioning that online retailers should also take steps to protect consumers’ data and ensure secure transactions.
“Online security involves everything from technical data protection to team awareness and transparency with customers. Some measures that online retailers can take to protect their consumers include encryption, safeguarding sensitive data during transmission using HTTPS, obtaining certifications and seals that demonstrate the site’s security, keeping it always updated and monitored to correct possible flaws, as well as detecting and blocking suspicious activities,” concludes.
