Phishing attacks unlikely to chill online shoppers’ enthusiasm

Online shopping will carry on at full tilt this Christmas season.

Cyber shoppers are unlikely to be deterred by all the recent reports about online fraud, say e-commerce experts. (One of the most recent of these reports makes mention of yet another Trojan bug designed to steal account information from users of popular auction site eBay).

Online shopping confidence will remain largely unaffected, according to Jim Okamura, senior partner at J.C. Williams Group, a Chicago based global retain consultancy firm.

“Shoppers will hardly notice this development and it will hardly make a dent in retail numbers,” he said.

And yet with several serious security breaches, and the proliferation of viruses, industry insiders warn that shoppers and organizations conducting transactions online must never let their guard down.

Though e-commerce security has improved over the years, “it’s still a buyer beware country,” said Joshua Gold, CEO of Auctionwire, a Toronto-based global online auction agency.

Auctionwire runs around 40 commercial and charity auction sites in the U.S. and Canada. The company expects to generate more than US$700,000 in sales this holiday season, compared with the US$500,000 it made in the same period last year.

Gold too doesn’t believe that reports of phishing attacks will in any way dampen the online shopping spirit.

In the early years of e-commerce, shoppers were wary about the security of online credit card transactions. This led to the development of several alternative payment methods, such as PayPal – that have eased people’s fears to some extent.

In its 2005 report on Internet use, Statistics Canada said Canadians ordered more than $7 billion worth of goods and services online.

“In general, Canadian consumers are more comfortable about buying online,” Gold said.

Gold believes a strong Canadian dollar will actually boost online shopping numbers for Auctionwire’s U.S.-based sites.

When the loonie surpassed the U.S. greenback a few weeks ago, Auctionwire experienced an 80 per cent increase in Canadian traffic hitting its American Web sites, he said.

Okamura of J.C. Williams expects Canadian e-commerce to post a 25 per cent growth this year. He said online transactions make about three to four per cent of overall Canadian retail sales.

Another e-commerce specialist believes the attacks such as those against eBay will not stop e-shoppers, but do raise legitimate security concerns for both, online vendors as well as buyers.

There are about 24 million Internet users in Canada. Around one in four of these are said to be registered users of eBay, says Tim Richardson, a professor of e-commerce, marketing and international business at the University of Toronto and Seneca College.

He said an estimated 33,000 Canadian businesses use eBay either as a primary or secondary site to market goods and services.

“Taking these numbers into account, the vulnerability could be seen as quite large.”

Richardson said the most recent attack appears to be a variant of the viral porn Trojan horse (VPTH) previously seen in the U.K.

The method involves attackers posting numerous spoof ads for various items on eBay. Porn images are used to lure buyers. Victims are led to a site containing a Java script that captures the user’s account information.

“More seasoned eBay bidders might not fall for the trick but more recent converts to online shopping could easily fall prey,” he said.

The ranks of new Canadian online shoppers are expected to swell because of a higher loonie exchange rate and daunting lines at Canadian customs posts that confront cross-border shoppers, Richardson said.

He advises shoppers to refrain from clicking on sites or items that appear suspicious.

In most cases, it might be better to stick to bigger or more well-known sites rather than seeking out obscure vendors, said Gold.

Shopping at local sites, he said, has its advantages. “If anything goes wrong, it might be easier to seek redress from a Canadian company that one that’s across the border or halfway around the world.”

eBay Canada did not have an available spokesperson to discuss the online attacks against it but the company has provided some security tips on its site.

The portal’s ‘Security & Resolution Centre’ has advised users not to click on e-mail links requesting personal information.

Spoof e-mails take users to a fake Web site where the Trojan virus resides, the advisory said. eBay said it now has a feature dubbed Account Guard which informs users if they are on the eBay or PayPal site, and warns them if they may be moving to a potentially fraudulent site.

Comment: [email protected]

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Story

How the CTO can Maintain Cloud Momentum Across the Enterprise

Embracing cloud is easy for some individuals. But embedding widespread cloud adoption at the enterprise level is...

Related Tech News

Get ITBusiness Delivered

Our experienced team of journalists brings you engaging content targeted to IT professionals and line-of-business executives delivered directly to your inbox.

Featured Tech Jobs