If you work for any ecommerce website, you should probably read this item, or even if you’re simply interested in the current state of the Internet security landscape. I was dismayed to learn that web bots comprise nearly half of all web traffic (~42%), and almost two thirds (65%) of that traffic is malicious in nature. At least, those were my key takeaways as a potential ecommerce customer.
Note: I found this item in today’s (July 3, 2024) Code Project newsletter.
I agree. This report is very concerning, especially the part about using scraper bots and AI to generate very convincing false ecommerce pages of legitimate companies. This means that we all must be very careful to check the web address of an ecommerce site, BEFORE revealing any personal/financial information, such as our CC number, bank account/routing numbers, etc.
Hopefully most are educated now to not give out personal details… and yet I get calls from users who have either had a call from Microsoft or a display on their screen saying call this number, which they do, or give the Microsoft agent details… none of which are real agents of the first. I always tell people Microsoft will never call you, just call me instead!
It’s all about the bottom line. Security’s an expense, not a revenue generator, so it gets consideration after all the revenue generating components/features. The information for this report has been collected after the fact (forensically), not as it happens. The point of this item is to convince these ecommerce companies to give security greater consideration (and to choose them as their provider). As such, it should be treated as an essential expense, at least as important as hardware, or any other software required to do business. So far, companies don’t seem to understand this, and that’s a shame, because poor security anywhere on the Internet hurts everyone.
You’re preaching to the choir here. That’s what I’ve been telling everyone who’ll listen for years. Sadly, too many don’t seem to get the message, or remember that advice when those calls/pop-ups come in. It’s almost like an involuntary reflex. A call comes in, or a message pops up on the computer screen, and they answer, giving out all the personal information requested, or click the link, with the same result.
Someone in Google, Firefox or the like should create a blocker that says this is spam, or not suitable, etc. We have pop-up blockers but they don’t stop this. On my phone it blocks spam numbers before I get the call automatically, but not on my wife’s phone, yet both are Android.
Firefox has a feature that attempts to block malicious websites (if you turn it on), but it’s largely ineffective, because the landscape continually changes (very fast), so it’s nearly impossible to keep up. Currently, the only effective solution I know of is users remaining alert to/conscious of potential threats, and reacting appropriately. Essentially, when you encounter a pop-up/phone call/email message from an unknown source, don’t respond/click any link in pop-ups/open the email/answer the call, or click on any links there. I know this is very difficult for some people, but it’s the only solution I’m aware of that’s effective. I’m living proof of that: I use Windows 10/11, and GNU Linux; I’ve used the Internet since the Windows 95 days, and the only malware/virus I’ve ever contracted happened when I downloaded a program from a BBS back in my MS-DOS 3.1 days (early 1990s). If I could learn my lesson from that experience, anyone can learn it now, if they’re willing.