Cyber criminals to target holiday shoppers

Research by security company PC Tools has revealed that today could be the worst day for web-based attacks on internet shoppers, as the festive shopping period begins to gear up.

Users of the firm's ThreatFire anti-virus tools, which now number roughly half a million, were subjected to the highest number of prevented spyware attacks at the same time last year, according to PC Tools.

Industry body the Interactive Media in Retail Group expects online trading to grow around 15 per cent in the final quarter of 2008, with consumers spending over Ł13 billion online in the run up to Christmas.

Despite consumers favouring debit rather than credit cards to pay for goods online, the IMRG recommends internet shoppers pay via credit cards, because there are greater protections for the customer against fraud this way.

Andrew Moloney, European marketing director for security firm RSA, said that online fraudsters are more likely to strike at this time because of the peak in consumer e-commerce activity.

"Hopefully this report on online threats will remind citizens that we re not all immune to attack," he added. "At the same time, after all of the data thefts publicised this year, people should already be guarding their bank details online just as they would their wallet on the High Street."

Mike Davies, European director of identity and authentication services for Verisign, argued that although that the increase in fraudulent activity represents an opportunity for retailers to reassure customers they are using a safe site.

"Businesses need to be more proactive in making security obvious on their web sites by displaying visible cues such as a padlock or a green address bar, or by allowing consumers to have more control by using strong authentication when logging on," he added.

"Technology that generates a one-time password on a separate device like a token, credit card or mobile phone is a very powerful way to avoid online fraud, and by building security into devices that are always with the consumer, it helps to encourage adoption."

But others dismissed the research as scaremongering.

"The science behind IT security is complex, but implementing a comprehensive and effective IT security solution doesn t have to be," argued Rakash Gupta, chief executive of network and email security vendor PineApp UK.

"Everybody knows that these threats are out there what they need now is sensible, intelligent advice that allows them to accurately assess their risks and put the right measures in place to stop their homes or businesses from being affected."