Safeguard Your Gold Mine From Cyber Theft

Identity theft is one of the fastest-growing crimes in America, affecting hundreds of thousands of consumers every year. As an online merchant, you’re more susceptible than ever to being an unwitting accomplice to this crime by becoming the target of spoofing: a practice in which fraudsters emulate your Web site or e-mail, or otherwise represent themselves as your company.

Moreover, by inadequately protecting your customers’ personally identifiable information (PII) and credit card numbers from cyber-thieves, you may be unknowingly contributing to the alarming rise in consumer identity theft in this country.

In the following article, I’ll focus on ways you can reduce your chances of being spoofed and improve your data-protection practices.

Your Database is a Treasured Commodity

As noted above, using copycat Web sites and bogus e-mail links comprise the latest methods criminals are using to gain access to credit card numbers and other PII of your customers.

Even mega-merchants aren’t immune to such scams. Last summer, Best Buy’s customers were e-mailed about a supposed security breach and asked to give vital PII, including credit card information and social security numbers. The information was captured by the fraudsters after Best Buy customers were redirected to a phony, look-alike Web site.

As an online merchant, your customer database is a virtual gold mine to online criminals — supplying them with passwords, credit card numbers and other consumer PII. Credit card numbers and data are, in fact, available for actual sale by cyber-thieves on the Internet.

As a merchant, you have the means to protect yourself against compromises to your corporate identity, as well as the ability to safeguard your customers against online fraudulent transactions. The necessary steps involve implementing tools to combat fraud and utilizing some best business practices.

Follow These Guidelines

1. Visa’s Cardholder Information Security Program (CISP) is a good place to begin. CISP’s goal is to help regulate the security of Web sites and to protect cardholder information from being compromised.