Online fraud is now so commonplace that criminal gangs are using it as part of a wider range of activities to make money out of an increasingly susceptible public. So says John Downey, security lead at payment company Braintree, a PayPal service that offers a range of solutions, including tokenization, for payment security.
"There's been a rapid normalization of online fraud as people see how profitable it can be. You see the industry adjusting to combat that," says Downey, who works on the company's infrastructure and integrations into the banking system. "What concerns me is how many attacks we are seeing on a day-to-day basis."
This was made evident in May this year when there was an unprecedented attack on thousands of computer systems around the world, after a worm -- dubbed WannaCry or WanaCrypt0r -- encrypted computers in more than 150 countries, with ransoms of $300-$600 to restore access. There were an estimated 45,000 attacks across the UK, Russia, Ukraine, India, China, Italy, Egypt and beyond, with major companies infected.
One of the reasons these attacks spread so easily is that businesses and consumers don't update their software on a regular basis. Downey likens it to a situation in which a is left in a garage and a thief jiggles all of the doors to see if one has been left unlocked: "People don't realize they are leaving that proverbial car unlocked because they don't understand the nature of these random attacks."
At the heart of the problem is the diversification of organized crime. "Criminals can also be savvy at business. They need to diversify because they don't want just one scam to bring in all of their revenue; it may be shut down, they may have a slow month and then they'll have a cashflow problem," says Downey.
Hacks and the threat of information theft have led to a mistrust of e-commerce among sections of the population, says Downey. To counter that unease, simple measures need to be enacted by retailers in order to maintain the public's trust.
For example, this can be achieved by ensuring they create a trustworthy environment for consumers, such as by serving websites via SSL, which establishes a secure and encrypted connection between the customer and business.
But for both businesses and consumers, one simple thing remains consistent: those who can keep both their security up to date and their passwords secure will be ahead of the crowd, says Downey. "You will then be far ahead of the curve of the average business or consumer."
So don't use variations of one password on lots of accounts. If criminals hack a database with your log-in credentials, they will then be able to crack your passwords on other accounts. Make sure your passwords have lots of characters and include random numbers, symbols and capital letters. Steer away from obvious dictionary words, and importantly make each of your passwords completely different.
Keeping your customers' information secure is paramount. One way of doing this is by using Braintree, a PayPal service. Braintree is a payment platform that specializes in payments security and offers a range of solutions for businesses, including tokenization to ensure customers' credit card information is encrypted. With the combination of this security technology and the scale and familiarity of PayPal, you and your customers can feel confident that their transactions are protected.
© 2017 Guardian Web under contract with NewsEdge/Acquire Media. All rights reserved.