{"id":2565,"date":"2014-09-15T15:10:16","date_gmt":"2014-09-15T15:10:16","guid":{"rendered":"http:\/\/kasperskydaily.com\/b2b\/?p=2565"},"modified":"2020-02-26T10:55:38","modified_gmt":"2020-02-26T15:55:38","slug":"the-biggest-sources-of-stolen-banking-information-online-retailers","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com\/blog\/the-biggest-sources-of-stolen-banking-information-online-retailers\/2565\/","title":{"rendered":"The biggest sources of stolen banking information: online retailers?"},"content":{"rendered":"<p>A recent <a href=\"http:\/\/media.kaspersky.com\/en\/IT_Security_Risks_Survey_2014_Global_report.pdf\" target=\"_blank\" rel=\"noopener nofollow\">Kaspersky Lab survey<\/a> surprisingly found that e-commerce and online retailer businesses are the two biggest sources of stolen banking information. Well, that\u2019s probably quite obvious, but at the same time looks plain wrong.<\/p>\n<p><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2014\/09\/06020129\/wide-1.jpg\"><img decoding=\"async\" class=\"aligncenter size-full wp-image-2566\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2014\/09\/06020129\/wide-1.jpg\" alt=\"wide\" width=\"1000\" height=\"750\"><\/a><\/p>\n<p>Even worse, these segments are the least likely to deploy and update specialized anti-fraud measures to protect financial transactions.<\/p>\n<p>The figures: 48% of e-commerce\/online retail businesses and 41% of financial services organizations have reported losing some type of finance-related information to cybercriminal activities within a 12 month period. This means that almost half of the entities directly involved with other people\u2019s financial transactions may and likely will lose some of this information over the course of a year.<\/p>\n<blockquote class=\"twitter-pullquote\"><p>The biggest sources of stolen banking information: online retailers #protectmybiz<\/p><a href=\"https:\/\/twitter.com\/share?url=https%3A%2F%2Fkas.pr%2F1gU1&amp;text=The+biggest+sources+of+stolen+banking+information%3A+online+retailers+%23protectmybiz\" class=\"btn btn-twhite\" data-lang=\"en\" data-count=\"0\" target=\"_blank\" rel=\"noopener nofollow\">Tweet<\/a><\/blockquote>\n<p>Financial organizations are highly dependent on their clients\u2019 trust; losing such data means losing this trust, which may be further burdened by costly legal penalties, not to mention removal and clean-up costs. As always, it\u2019s much easier to not let the malware in than to eradicate it afterwards.<\/p>\n<p>Still it\u2019s quite strange that online merchants are that \u201crelaxed\u201d in their attitude towards IT security and technologies. According to the survey, just 53% of them reported to \u201cmake every effort to keep anti-fraud measures up to date,\u201d which is 10% lower than the overall global average, and the lowest overall of any business segment.<\/p>\n<p>Since the entire business model of online merchants is based on online and electronic payment processing, this reluctance to invest in anti-fraud measures seems highly counter-intuitive. Even counter-logical.<\/p>\n<p>The situation in the financial services segment is a bit better: 64% of financial service providers said they make every effort to keep their anti-fraud measures always ready. A response rate tied for highest across all segments.<\/p>\n<p>This enthusiastic response is the complete opposite of the attitudes in the e-commerce\/online retail segment. Additionally, 52% of the financial services segment reported a desire to implement new technologies to protect financial transactions, compared to 46% of the e-commerce\/online retail segment.<\/p>\n<p>Kaspersky Lab\u2019s survey also asked businesses that had experienced a serious data loss incident about steps taken afterwards to protect their customers.<\/p>\n<p>Despite their differing attitudes, both the online retailers and financial services sectors took similar steps \u2013 implemented additional protections. The most common measure implemented was \u201cproviding secure connections for customer transactions,\u201d which was done by 88% of financial services organizations, and 78% of e-commerce\/online retailers.<\/p>\n<blockquote class=\"twitter-pullquote\"><p>Online retailers\u2019 reluctance to invest in #anti-fraud measures looks #weird #protectmybiz<\/p><a href=\"https:\/\/twitter.com\/share?url=https%3A%2F%2Fkas.pr%2F1gU1&amp;text=Online+retailers%26%238217%3B+reluctance+to+invest+in+%23anti-fraud+measures+looks+%23weird+%23protectmybiz\" class=\"btn btn-twhite\" data-lang=\"en\" data-count=\"0\" target=\"_blank\" rel=\"noopener nofollow\">Tweet<\/a><\/blockquote>\n<p>Financial service providers are also more focused on providing specialized solutions for mobile devices than e-commerce\/online retailers (75% vs 56%, respectively).<\/p>\n<p>One more interesting finding: both financial service providers and e-commerce\/online retailers following a data breach occasionally provided free or discounted versions of premium internet security software to their customers. But this was the most uncommon move among them: it looks as though these businesses prefer to invest in the security of their own systems, rather than investing in securing their customers\u2019 devices.<\/p>\n<p>It is also appropriate to mention here that there are a formidable number of users considered financial service providers (banks, etc.) directly responsible for their own security and expect them to reimburse losses, no matter the cause: they may have no security solution on their smartphones, and still expect that banks return the money lost to a fraudulent transaction. According to a survey this isn\u2019t a mainstream point of view, but it\u2019s still quite popular.<\/p>\n<p>To sum things up, let\u2019s point out a few points, seemingly obvious, but apparently not obvious enough:<\/p>\n<ol>\n<li>If your business is \u201cclose to others\u2019 money\u201d, malicious attempts on it <em>will<\/em> happen. No exceptions. So it is indeed strange to see that online retailers are that relaxed about security.<\/li>\n<li>Just like a fire in a household, an IT security incident (fraudulent transaction included) are easier to prevent rather to clean up afterwards.<\/li>\n<li>Incidents don\u2019t need to happen to beef up your security. They don\u2019t need to happen at all.<\/li>\n<li>Users feel better towards the businesses they work with, if those provide <em>visible <\/em>protection. Or at least make it clear to the users that their transactions are indeed well-protected. So free and discounted versions of security software is a good idea. However, it\u2019s best to use <a href=\"https:\/\/www.kaspersky.com\/business-security\/fraud-prevention\" target=\"_blank\" rel=\"noopener nofollow\">a full-range protective suit that covers every transaction all along.<\/a><\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"<p>Kaspersky Lab&#8217;s recent survey surprisingly found that e-commerce, online retailers and financial service providers are not just the biggest sources of stolen financial data, but also feel just a bit too lax about security. However, this has some severe implications.<\/p>\n","protected":false},"author":209,"featured_media":15955,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1999,3052],"tags":[2185,2780,433,422],"class_list":{"0":"post-2565","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-smb","9":"tag-online-retailer","10":"tag-retail","11":"tag-security-breach","12":"tag-threats"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/the-biggest-sources-of-stolen-banking-information-online-retailers\/2565\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/the-biggest-sources-of-stolen-banking-information-online-retailers\/2565\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/the-biggest-sources-of-stolen-banking-information-online-retailers\/2565\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com\/blog\/tag\/retail\/","name":"retail"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/2565","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/209"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=2565"}],"version-history":[{"count":2,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/2565\/revisions"}],"predecessor-version":[{"id":33317,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/2565\/revisions\/33317"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/15955"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=2565"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=2565"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=2565"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}