Online shoppers may find themselves targets of phishing websites, phishing emails, greeting card scams, impersonation scams, travel scams, and SMS scams. These scams may deceive shoppers with unbelievably attractive discounts and trick them into clicking malicious links or disclosing personal information. On the other hand, online merchants who do not provide secure payment services for customers or have yet to patch their web servers and software with the latest versions may find themselves at the mercy of cybercriminals who have no qualms about compromising vulnerable websites for financial gains.
We advise online shoppers and online merchants to step up cybersecurity measures during this festive season. We urge online shoppers to avoid using public Wi-Fi networks when making online transactions, and ensure the website supports secure payment service before making online purchases. In addition, we recommend online merchants to patch their web servers and software to the latest versions and ensure their websites provide secure payment service for customers. Online merchants should store the database containing sensitive payment and personal information offline and implement two-factor authentication for customer logins to prevent credential stuffing attacks.
 [SingCERT] Festive Shopping Advisory for Shoppers and Online Merchants
More Weekly Cyber Newsanalysis and insights
Enhancing your security posture, developing your cyber strategy, and designing your incident response plans.
Architecting and implementing cybersecurity solutions that bolster defences
Ensign Managed Security Services
Managing your security operations for advanced threat detection, continuous monitoring, and triage services