A recent survey by CIFAS, the UK’s Financial Fraud Prevention Service found that 43.5% of surveyed consumers feel that companies should do a better job of verifying customer details. The report also found that 25% of respondents thought that better online security would prevent fraud.
Hardly a surprise wouldn’t you say? Much of the fraud that occurs is a direct result of poor business processes that are easily compromised by fraudsters.
Fraudsters are a clever lot.
With only a little bit of social engineering, they can trick customer service agents or an eCommerce system into thinking they are making a perfectly legitimate request to change a shipping address, or to change other account details that could be fraudulent. There are a shocking number of companies who will make account changes upon request with basic or no customer verification checks. Remember the Mat Honan hack?
Of course there is a fine line between making the online shopping experience quick and pleasant, and making it cumbersome. Having balance is necessary. eCommerce merchants can do a lot more to improve their processes to prevent fraud, but we as consumers can also do more to prevent our online accounts from becoming compromised.
Here are 3 simple tips to enhance online security:
- Enable two-step verification on your account if its available: I’d bet most of you have received a one-time passcode on your phone via SMS or voice call that you have to enter in a website to verify yourself at one time or another. It’s actually a really quick and secure way to achieve customer verification. If it’s available – switch it on! Learn more how Google has enabled two-step verification here.
- Don’t use the same password on all of your online accounts!: This is a HUGE issue. I’m sure this doesn’t apply to you dear reader (tongue firmly in cheek), but many people will use the same static password across all of their online accounts because it’s easy to remember. This introduces the risk of a massive compromise. Just imagine, your email account gets hacked, then your social networks, and then your online shopping accounts, all because they are linked with the same password. Don’t let one password be the key to the entire castle!
- Challenge inbound calls from Customer Service Agents: Ever received a call from your “bank” or a “mobile phone network” or a “department store” and right away they ask you to verify certain details? Yeah, me too. Be aware. Fraudsters are getting bolder and calling us directly to convince us that they are trying to help us. So don’t be so quick to give up your very valuable security answers! Don’t be afraid to challenge them with questions of your own. I’ve used questions like, “You give me the first three digits of my post code, and I’ll give you the last three.” Or “I’ll give you the sort code, but you tell me the account number.” Basically any questions where you know half the answer, and the caller should know the other half, works really well.
Stay secure out there!
Free image courtesy of FreeDigitalPhotos.net