- What Is Malware?
- Why Online Merchants Are Tempting Targets
- Types of Malware
- What Websites Are Most at Risk?
- How Is Malware Spread?
- Add Security to Gain More Trust
- Malware Threats Merchants Must Fight
- Security To-Do List
This chapter is from the book
This chapter is from the book
This chapter is from the book
Why Online Merchants Are Tempting Targets
For years, banks and financial services firms topped the list of industries most frequently targeted in online attacks. As a result of bad publicity, high-profile data breaches, and stricter government regulations, most banks have since tightened their security policies and procedures, making it harder for scammers to steal customer information.
Online merchants are now among the most exposed industries for scammers to steal information from and commit fraud against. Let’s look at the top three reasons why cybercriminals attack merchants:
- Online merchants have data that turns a profit. Cybercriminals know that they can get much of the same information from an online merchant that they’d find at a typical bank, including customer names, addresses, credit card numbers, and bank account details. A clever scammer can use this data to commit identity theft or other types of fraud, or even sell the info on the data black market to big cybercrime rings.
- Scammers use many programming languages. Cybercriminals know the security shortcuts that online businesses, especially small ones, take to save time and money setting up and maintaining a commercial website. As a result, the crooks know how to exploit vulnerabilities in the code.
- Scammers know many online businesses are lean organizations. Those who work for a small company often have multiple roles. When an online company’s marketing intern is also in charge of patching servers and updating browsers, some tasks may not be done properly. Unfortunately, mistakes in this area can be costly. Many online retailers running transaction servers don’t have a formal way to patch software on their servers, and today’s cybercriminals and malware authors are experts in exploiting the vulnerability of unpatched servers.
Without strong security software, solid policies, and best practices for online security, Internet merchants—large or small—are in danger of being attacked by one (or more) of seemingly endless strains of damaging malware.
PayPal Insider: Using Fraud Management Filters
If you use one of PayPal’s payment processing products, you’re protected by multiple fraud management filters. These are tools that can identify payment characteristics that may indicate fraudulent activity.
Fraud Filter Options
If a transaction is flagged by one of these filters, you then have the option of denying payments that are likely to result in fraudulent transactions, or accepting payments that are not typically a problem. You can even opt to further investigate flagged transactions, by comparing prior orders, for example, or by contacting the customer for more information.
Who Can Use the Filters?
PayPal provides free filters for all business accounts. These basic filters screen for the country of origin, the value of the transaction, and other criteria, thus protecting you from obvious fraudulent activity.
When you subscribe to PayPal’s Payments Pro service (at an additional charge), you have access to more advanced filters. These filters screen for credit card and address information, lists of high-risk indicators, and additional transaction characteristics.
What Are the Benefits of Using the Filters?
You save valuable time by letting PayPal review transactions instead of doing it yourself. You also save money by identifying and stopping potentially risky transactions; this reduces chargebacks and lowers your cost of doing business. In addition, you typically end up with more accepted payments because PayPal applies your rules evenly, and with greater accuracy; good customers are less likely to be rejected in error.