The survey, commissioned by VeriSign and conducted by IMRB highlighted that 60% of respondents access the Internet frequently – at least four to six times a week—and 44% shop online with 53% engaging with user generated content (e.g., social networks and blogs). Despite the Internet-savvy of the respondents, the survey further revealed:
38% of survey respondents use the same passwords for multiple log-ins
11% look out for the authenticity of the Web site by looking at the security provider
32% create a secret question that only they can answer
83% do not look for secure Web sites (https:)
Additionally, an overwhelming 84% would like to use two factor authentication (2FA) to secure their online transactions. 2FA is a verification process in which an additional dynamic password is generated at the log in stage by a device such as a credit-card form factor, token or mobile phone in addition to the user name and password.
"As we move more of our lives online, fraud threats follow closely behind,” said Dr. Shekhar Kirani, Country Manager, VeriSign
Awareness and knowledge are the keys to combating cyber fraud. To this end, VeriSign has compiled five tips to follow for a safer online experience.
Look for visual cues. Prominent misspellings and frequent grammatical errors are signs that a Web site is fraudulent. You can also look for simple visual cues that show that the site is authenticated and protected. Cues include a green address bar in high-security browsers such as Internet Explorer 7 and 8, Firefox 3.0 and higher, Opera 9.X and higher, Google Chrome, Safari 3.2, Safari 4, Flock (social networking browser) and the iPhone. Other visual cues include a padlock icon in either the lower or upper right-hand corner of the screen and https:// in the browser; both of these indicate the site is secured.
Check out two-factor authentication. A growing number of sites are accepting a second form of user authentication that comes from physical devices such as a token, credit-card form factor, a USB drive and even your cell phone. Each device provides users with a dynamic one-time password that must be entered into a login page in addition to their user name and password. The extra layer of security hinders potential fraudsters from accessing personal accounts that are accessed by a simple user name and password by adding a second factor of user authentication.
Compare the checkout experience to well-known sites and look for anomalies. Most well-run Web sites—such as Amazon or eBay—send order confirmation, shipping confirmation e-mails and allow you to print out confirmations of your orders. Beware of a simple form with no “visual cues” and no confirmation that you entered or ordered anything. However, if the Web site is fraudulent, victims could lose their money, whether or not it had been entered securely.
Know your vendor. Read their ratings and reviews from other customers and take red flags seriously. Also make sure you have some way of contacting them—look for a phone number and mailing address. Finally, try to find out where the company is based in their “about us” section.
Pay attention to the order form. The site should not ask for more than your name, shipping address, billing address, credit card type, number and expiration. Data such as social security number, bank routing number, etc. should not be collected.