Scammers are always on the lurk during the festive shopping season

Kaspersky’s latest data uncovered that the number of e-commerce related phishing attempts in Singapore rose by close to 50%, with 17,800 attacks in Q2 2022 from just 12,185 incidents in Q1 2022. The quarter-on-quarter rise could potentially be attributed to the easing of borders and nearing of the mid- to year-end shopping season in the country.

This situation is not unique to Singapore; in fact, every economy in the region is fair target for cybercriminals during the festive shopping season.

With the biggest online shopping events round the corner, starting with the 11.11 Singles Day sales, festive season shoppers have traditionally been a lucrative target for scammers who have come up with increasingly innovative ways to trick consumers over the years.


Here are 5 tips that platforms can adopt to better protect their customers online:

    1. Ensure platform security by design along with leveraging SaaS providers. Look beyond native security if you’re using a platform or website builder. Implement additional security plug-ins and third party security solutions to secure your storefront on the platform to further deter cyber criminals and strengthen your defense perimeter. Third party solution providers such as Kaspersky will also help streamline additional security needs along with help free up in-house personnel to focus on pressing areas of the business.
    2. Install an SSL certificate to encrypt all data. “Secure Sockets Layer” or SSL is an indication that the website or platform is secure for shopping. Essentially, it is an encryption method that protects sensitive or personal information such as credit card details. Ensure your platform’s SSL certificate is up to date for additional security and is HTTPS hosted. This provides an additional trust signal for shoppers who are increasingly tech savvy.
    3. It’s all about the data, so avoid storing it in silos and only collect data that you need. The more data you collect, the more data you’re responsible for and there’s more at risk. Avoid collecting unnecessary data points and avoid storing data in silos. Where possible, ensure that it is encrypted. This allows you to balance customer experience, business convenience and data security. In addition, data protection laws are increasingly complex. Hence divesting data that is not needed will help streamline procedures.
    4. Enable multi-factor authentication. Apart from a strong unique password and user ID, leverage an additional mode of identification for the user that is logging into the site. This provides an additional layer of security.
    5. Educate your customers! Humans remain the weakest link in the cyber security attack chain. Hence, during peace time ensure that you’re leveraging your internal and external communications tools to educate your customers on the signs of danger and what to keep an eye out for when shopping online.