Identity theft turns online shopping sour

Photo/File  Be cautious before making that online purchase, confirm the website address. There are criminals on the prawl waiting to get your details.
Photo/File Be cautious before making that online purchase, confirm the website address. There are criminals on the prawl waiting to get your details.  

Seen a nice shoe or watch you want to buy online? With a couple of clicks and filling the necessary information it could be yours.

Such transactions have only been made possible by the enhanced broadband internet speeds that are quickly helping build a huge internet consumer community in Kenya.

Never forget, however, that the internet is packed with criminals who are always on the prawl waiting to pounce your personal identity and details.

These online gangs have made e-markets extremely dangerous-especially where shoppers are required to use their credit cards.

A global headache, companies transacting in e-commerce have invested heavily in securing their payment sites but most have left it to the shoppers to secure their own bank accounts from the criminals.

Malicious criminals use fake or modified websites to get their victims information.

Criminals can attack many computers at a go with malware, when it happens the network of the infected computers is technically referred to as botnets. This means a bot connected to the internet, thus the name.

When a computer is compromised by an attacker, there is often code within the malware that commands it to become part of a botnet.

Unless a user is keen it is difficult to detect when a botnet is running in the background of a computer and the risk posed when putting in bank details on the fake site when purchasing goods online are quite high.

Botnets mainly store the keystrokes of the victims’ identity information, which is used by cyber fraudsters to steal from the accounts.

Since this family of malware runs in the background of an infected computer, argues experts, criminals can transfer money out of bank accounts, make purchases with other people’s money, and engage in identity theft without the knowledge of the owner.

Danson Muchemi, CEO of Webtribe Limited, a software development company, says protecting your computer from viruses is the sure way of keeping criminals at bay. Adding users must be vigilant when browsing and take caution not to click on suspicious links.

“You should never click on a link from someone you do not know. Even if it’s from a known sender be careful since it may be spam,” says Mr Muchemi.

“Never enter your credit card information on a site that begins with only ‘http://’. If a website ever asks you to enter your credit card information, you should automatically look to see if the web address begins with ‘https’.

The additional letter, ‘s’, shows the web page is secured and is most likely from a trusted vendor.

He says spammers often send malware camouflaged in links and once the target clicks the link open, the malware gets installed onto the computer.

On unsecured networks, (those that have only have http://), Mr Muchemi says a hacker could easily steal information like usernames, passwords and credit card numbers, which could lead to identity theft.

Computer safety

One of the main ways of keeping your computer safe is making sure you religiously update your operating system, have a working anti-virus and monitored firewall.

He also argues that external storage devices like USB’s can contain infected documents and should be scanned to avoid infecting the machines before use.

Josphaht Rugambi, a computer scientist, says porn sites and those offering free software are common hosts for computer viruses.

Cybercriminals are masters at social engineering and trick users into installing malware on their computers, says Mr Rugambi.

Adding it is not only computers that are at risk but also smartphones, since they also can be conveyors of malware once connected to the Internet.

“If your smartphone or computer hangs, becomes slow or switches off unexpectedly then that could be a sign that someone could be stealing your data….worse still this could also mean your key passwords may have been compromised and that could prove costly in the long run.”

It is advised that one should change their email and bank account passwords often just in case they have already been compromised.

Shortened web addresses hide the full location. Clicking on unknown links unless one is sure of the source can direct one to unintended site or one that installs malware on an Internet connected device, said Mr Rugambi.

“Simply searching for a popular topic and clicking on a poisoned link can have serious consequences.”