Small Commercial Websites: the Greatest Threat to Credit Cards

by John Stevenson on November 27, 2011

Most of the people who do their shopping online feel safe performing e-commerce operations because they are sure their credit card information is protected. After all, so many experts out there assure us that this is the case and we need not feel anxious when visiting commercial sites and buying things from e-merchants. This is true to an extent – namely where big company sites are concerned. With small commercial websites, this is not always true.

Online shopping keeps prospering even though there have been so many big-time security breaches in the news lately. Thousands of credit card numbers are at risk, yet the shopping goes on and on. Today, hackers are targeting small, commercial websites more and more often, on the prowl for unprotected credit card information.

In some cases, con artists actually attain real-time access to these small websites, which allows them to steal valuable credit card information and speedily rack up debt, to the bewilderment of the credit card holders. Very often they are successful. Why is this? The software smaller sites use is often defective, including that for order processing or security. Smaller merchants tend to use generic shopping cart software that they fail to update on a regular basis. And this is a big mistake because, as we know, software security is one of the most, if not the most, dynamic segment of computer technology out there. New and new and improved viruses keep coming out, and new security systems appear accordingly. Then a virus comes that beats the new system, so another system comes out, then another virus, and so on. Believably, the same people producing viruses are those offering security systems.

How do cons get their hands on information available to small commercial websites? This is possible via website background checks. Stealing a credit card number is what identity theft usually starts with. In many cases, the people who steal these numbers sell them to other conmen via underground chat rooms. Credit card information is stolen and traded wholesale – a huge amount of numbers is sold at any given point in time. But the number is not the only info the scammer has. He has a lot of personal information too, which helps identity thieves a great deal. This information can include phone numbers, addresses, e-mail addresses and other data.

There are ways to catch these people in the act, but it is not always easy. For example, your credit card bill shows that you donated a dollar to some kind of charity organization in Canada. You do not remember doing this and have never heard of this establishment. You will probably thus overlook it, and if you do, this means you have made a big mistake. Such small, inexplicable details can help the conman determine whether a credit card is still valid.

Note that the risks involving credit card data provided at small commercial websites in the course of transactions are grave enough as to have prompted Visa and MasterCard to threaten to enforce fines on online businesses, which do not take adequate security measures. Digital security limitations account for 80 percent of all credit card related breaches. These limitations include missing or outdated software security and poorly or incorrectly configured web servers.

Comments on this entry are closed.

Previous post:

Next post: