With the increasing digitalization and interconnection of devices, cyber threats have become increasingly sophisticated and varied, posing a significant challenge to consumers and businesses around the world.
A survey commissioned by Mastercard from Datafolha reveals that seven out of ten Brazilians have already suffered some digital threat, and 13% have already had their data leaked.
Also according to the edition of the “Digital Security Barometer”, released in 2024, 64% of Brazilian companies are the target of fraud and digital attacks with medium or high frequency, which represents a growth of 7% compared to the first edition of the study, released in 2021.
“The second half of the year is a period in which online shopping is intensified, due to dates such as Children's Day, Black Friday and end-of-year festivities. Therefore, it is necessary to be extra careful”, says José Luiz Assoni Jr., Solutions Integrator Analyst Master at Softtek Brasil, a leading multinational in the IT sector in Latin America.
Some of the most common cyber threats when shopping online are:
- Phishing: uma isca digital onde criminosos encaminham e-mails ou mensagens como sendo de empresas confiáveis para enganar o consumidor e roubar suas informações pessoais;
- Payment information theft: Criminals use techniques such as fake websites or data interception to capture consumers' credit or debit card information during an online purchase;
- Fake websites: fake copies of legitimate online stores, created to collect consumers' personal and financial data and make fraudulent purchases in their name;
- Attacks ofMan-in-the-Middle: in this modality, criminals insert themselves into the communication between the consumer and the website to intercept and steal their confidential information, such as passwords and payment details;
- SQL Injection: A hacking technique that allows criminals to manipulate a website's databases to steal personal information or even take control of the website;
- Credit card fraud: a consumer's credit card data can be used to make unauthorized purchases, even if the consumer has not provided this information directly to a malicious website;
- Credential theft: Criminals collect stolen passwords from different websites and try to use them on other platforms to access users' accounts.
“These cyber threats exploit users’ trust to gain unauthorized access to personal and financial information. It is essential to be aware of these practices and adopt security measures to protect your data when shopping online,” explains Assoni.
How to protect yourself
Below, the executive lists some tips for consumers to protect themselves from these threats:
· Check the authenticity of the website: confirm the address and look for security seals;
· Use secure connections: avoid public Wi-Fi and prefer HTTPS;
· Create strong and unique passwords: use complex passwords and enable two-step authentication;
· Keep your software up to date: install security updates;
· Use an antivirus: keep your antivirus updated and perform regular scans;
· Be wary of very good offers: if it seems unrealistic, it probably is;
· Do not click on suspicious links: avoid links from unknown sources;
· Use a virtual credit card: protect yourself when shopping online;
· Monitor your accounts: review statements to detect fraud;
· Make regular backups: ensure that your data is backed up.
Assoni also warns about the role that social networks play in spreading fraud, especially during Black Friday, and how consumers can protect themselves.
“Social media plays a crucial role, both positive and negative, during Black Friday. Among the main scams that spread on social media during this period are misleading ads and promotions, malicious links, fake profiles and stores, phishing scams and fraudulent sweepstakes. In addition, there may be social engineering, which manipulates consumers into handing over confidential information,” warns the executive.
“To avoid these scams, consumers can perform some practices such as checking the store’s reputation and reading reviews from other consumers, as well as manually entering the store’s website in the browser and checking HTTPS, confirming whether the site has a security padlock. I also recommend using secure payment methods, which have some protection factor, such as multifactor authentication and tokenization”, recommends Assoni.
It is worth noting that online retailers must also take steps to protect consumer data and ensure secure transactions.
“Online security involves everything from technical data protection to staff awareness and transparency with customers. Some measures that online retailers can take to protect their consumers are encryption, protecting sensitive data during transmission using HTTPS, obtaining certifications and seals that prove the security of the website, keeping it always updated and monitored in order to correct possible flaws, in addition to detecting and blocking suspicious activities”, he concludes.
