5 tips for safer online selling
In Poland there are about 100 thousand online stores and 77% of Internet users declare that they use online shopping. Trade on the web is growing rapidly and digitalization is becoming essential for the functioning of many businesses. Experts emphasize that an increased number of cyber threats are to be expected, and adherence to IT security rules is becoming particularly important – also for the e-commerce industry.
Retailers vulnerable to attacks
Already in 2020 until 87% of retailers have experienced at least one security breach. According to the WAF system (Web Application Firewall, available for those hosting at cyber_Folks), website in Poland is attacked on average About. 6,000 times a year. Cybercriminals try to install malicious software (ransomware) or spam the store with fake product reviews with outbound links. They also target customer databases and passwords which can be used to try and log into online banking or social networking sites. Any attack, regardless of its scale, exposes the store to loss of reputation and trust, that are difficult to rebuild.
To prevent such a situation, you can not underestimate the issue of safety. The following list is a package of basic issues to pay attention to when setting up a new e-shop or carrying out a security audit of an existing service.
1. Secure your domain
Vulnerability to attacks may result from the domain name. “Typosquatting” is the use of an address confusingly similar to a given website, e.g. xbank.pl and xbenk.en. based on the proximity of the characters on the keyboard, and this is just one type of threat. A fake website can be used to attract cybercrime victims. It is worth to consider registering similar domains to ours to avoid fraudsters.
2. Check if your software provider cares about security issues and remember about updates
When deciding whether to set up or migrate an online store, it is necessary to consider not only cost or accessibility issues, but also cyber security aspects. In the case of open source solutions, any security vulnerabilities are “patched” on an ongoing basis in subsequent updates, which constantly have to be made.
– Globally there are about 300 thousand stores using our software. In Poland it is about 25 thousand. Popularity of the solution and the community of developers focused around it makes that any errors reported by individual users are analyzed. We respond in real time, always making security a priority – explains Mateusz Osiecki, Country Manager for Poland in PrestaShop.
3. Install an SSL certificate
Lack of SSL certificate has a negative impact not only on customers’ sense of security, but also on Google search engine rankings. For an online store, the information “this site is not secure” will adversely affect the conversion rate.
Certificates are responsible for data encryption (e.g. When logging into the store) and confirm the identity of the domain owner. We can divide them into several categories differing by the level of credibility of the confirmation – from DV certification (Domain Validation), by OV (Organization Validation) after EV (Extended Validation). Only commercial OV/EV certificates will help your store in case of phishing attacks.
4. Choose your hosting consciously
The choice of hosting is a key element of online store security. It is worth asking the provider about how to protect against hostile traffic.
– The issue of backups is also important when choosing hosting. They should be performed daily, or even several times a day. In addition to the frequency, the length of its storage is also important. At cyber_Folks, a hosting service for online stores, database copies are made every 4–6 hours, and files – every 24 hours. They are available up to 28 days back. Additionally, it is worth noting that having data centers in different cities, we are able to store backups in a location even 500 km away from the production server, which is an additional protection in case of possible disasters such as fire or flood – highlights Artur Pajkert, Head of Marketing at cyber_Folks.
5. Secure payments – secure customers
Online payments are one of the most vulnerable areas to cyber threats. To protect yourself and your customers, it is essential to use proven solutions such as. PayPal or appropriately secured modules for payment cards. Available solutions provide an additional layer of protection alongside standard e-banking security.