According to the statistics, although the adoption of e-commerce in Latin America has not yet reached the same levels as in other regions of the world, this is home to approximately 300 million digital buyers, a figure that is expected to grow, more than 20% by 2025, as online retail sales reach approximately $160 billion for the same year. However, just as a high level of growth is expected in the sector, cybercrime, fraud and digital scams in e-commerce are increasing and threatening the progress of small and medium-sized companies.
Although Costa Rica is one of the countries that presented the lowest increase in cybercrime according to the Kaspersky Threats in Latin America 2021 report, with barely an increase of 2% compared to the previous year. 2022 left the country in check when in May it suffered a cyber attack by the group of Russian cybercriminals “CONTI” that affected 27 government institutions from which relevant and confidential information was stolen, which makes it clear that any organization can be a victim of cybercrime. In this sense, having security methods and strategies that protect privacy is essential both for businesses and for the final consumer, so that the reliability between both parties is not affected.
“E-commerce is a sector that must commonly process a large number of personal data and cards or payment methods, therefore it requires special and rigorous security measures that allow it to deal with all the threats it is facing. exposed to the consumer and the organization, whose consequences not only affect the financial part but also in terms of the reputation, transparency and legitimacy of the site and, in turn, the privacy, information and integrity of the user.” explained Ingrid Mora, general manager for Costa Rica at Noventiq.
It is important to keep in mind that, many times, the best protection begins by explaining and educating employees on the importance of protecting their data, their devices. In that each worker understands the importance of their role when it comes to protecting the company from a cyberattack. In addition to this, of course, it is necessary to have the appropriate technological solution to safeguard the company’s systems.
Just as technology innovates, so do cybercriminals, and scams can be hard to spot. The most common ones and how to avoid them are shared below:
- Links or attachments: One of the most common strategies is undoubtedly the introduction of malware through links or attachments included in emails with offers. The main thing is not to enter these links and check the authenticity of the sender. The email description should display the address which, although it is generally hidden, is the one that reveals whether the company or someone who wants to impersonate their identity is really writing. Finally, it must be taken into account that an email address does not represent a company.
- Incorrect typography: Fake email addresses and URLs very similar to those of authentic companies, is another of the strategies thought up by hackers. They usually take users directly to payment or access websites to obtain bank and personal information. Given this, purchases must be made in stores attached to the official site and from it, verify that the address begins with “https”, not only with “http”, the additional “s” means “secure” and verify that the bar has the lock icon.
- Non-existent products: On many occasions, cybercriminals take advantage of social networks as a virtual store and even a payment platform, which ultimately result in non-existent products and fraudulent e-commerce. In this sense, an online search for the product must be carried out, verifying the history, age and references of the store such as comments, reviews, labels and other actions. It is also important to compare prices on different sites and assess whether it is better to buy at a higher price than suffer a possible scam.
- More information than usual: Some websites ask you to fill out forms to subscribe to their promotions or catalogs. You should not provide more information than usual that puts personal data at risk. Likewise, when receiving shipments, you only have to provide the address and data of the recipient, avoiding at all costs providing very specific information that can later be used for malicious purposes.
- Only one payment method: Those who require only bank transfer, and avoid providing more payment methods to guarantee offers, are commonly scammers who know that, unlike credit cards or different electronic payment services, there are few resources to recover the transferred money. In all cases, having comprehensive protection software that manages to prevent browser access to suspicious websites and also warns of such sites in search results is essential.
Identifying possible threats
“The great problem that exists in terms of cybersecurity is the lack of knowledge and the ability to react when identifying possible threats, therefore, it is important to provide advice that helps users and consumers to be more alert when carrying out the purchases by any website, since these turn out to be the most affected by the growth of cyber attacks on small and medium-sized companies. Having security methods that fully protect the technology and vital devices to operate is essential, preventing is protecting”, they concluded from Noventiq.