Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

3/26/2013
05:31 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

ThreatMetrix Study Finds Nearly 40 Percent of Retail Organizations Have No Online Fraud Prevention

Despite lack of fraud prevention for most, 85 percent of retail organizations consider it a high priority

San Jose, CA – March 21, 2013 – ThreatMetrix, the fastest-growing provider of integrated cybercrime prevention solutions, today announced the results of a study, which found that 40 percent of retailers have no online fraud prevention in place, despite 85 percent considering online fraud prevention a high priority.

According to CyberSource’s “2013 Online Fraud Report,” online fraud resulted in approximately $3.5 billion in North American revenue loss in 2012. Given this revenue loss, the 40 percent of retailers who do not have fraud prevention in place are taking a major gamble on the security of their profits and sensitive customer transaction and financial data.

The most common IT security attacks retailers experienced in the last year are malware, Trojan and phishing attacks. Of the retailers surveyed, 46 percent experienced at least one malware attack in the past year, and 45 percent experienced at least one Trojan attack.

Despite these attacks, retailers barely spend any time researching IT security threats to stay ahead of cybercriminals. Nearly half (47%) of retail organizations surveyed spend less than five hours researching security threats each month, while 14 percent spend no time on preventative research.

“Retailers need to improve online fraud and cybercrime prevention practices or risk losing customers and revenue,” said Andreas Baumhof, chief technology officer, ThreatMetrix. “When consumers are hacked on e-commerce sites, they often avoid those merchants in the future. By implementing integrated cybercrime prevention solutions, e-retailers can provide a more secure experience for customers.”

In an effort to provide the safest transactions for consumers, retailers need to:

• Screen transactions using previous transaction data to make better decisions about account takeover attacks. By tracking devices and accounts that have a history of fraudulent activity, retailers can block those devices from transactions. • Track transactions that are originating from a different country or IP address than where the account was created. • Screen for customer identification verification at both account login and prior to transaction completion.

The study, titled the ThreatMetrix 2012 State of Cybercrime Study, was conducted by Info-Tech Research Group and surveyed U.S. business managers and IT executives within retail and financial services organizations on the level of cybersecurity solutions they have in place.

For more information on this study, download the full report at http://info.threatmetrix.com/ThreatMetrix_Security_Online_Fraud_Prevention.html About Info-Tech Research Group

With a paid membership of over 28,000 members worldwide, Info-Tech Research Group is the global leader in providing tactical, practical information technology research and analysis. Info-Tech Research Group has a 14-year history of delivering quality research and is North America’s fastest-growing, full-service IT analyst firm. For more information, visit www.infotech.com or call 1-888-670-8889.

About ThreatMetrix ThreatMetrix is the fastest-growing provider of integrated cybercrime prevention solutions. The ThreatMetrix™ Cybercrime Defender Platform helps companies protect customer data and secure transactions against payment fraud, malware, account takeover, fraudulent new registrations, data breaches, as well as man-in-the browser (MitB) and Trojan attacks. The platform consists of advanced cybersecurity technologies, including TrustDefender™ ID, which is cloud-based, real-time device identification, malware protection with TrustDefender™ Cloud and TrustDefender™ Client, as well as TrustDefender™ Mobile for smartphone applications. ThreatMetrix cybersecurity solutions protect more than 1,500 customers and 8,500 websites across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government, and insurance. For more information, visit www.threatmetrix.com or call 1-408-200-5755.

To join in the cybersecurity conversation, follow us on Twitter @ThreatMetrix.

2013 ThreatMetrix. All rights reserved. ThreatMetrix, TrustDefender ID, TrustDefender Cloud, TrustDefender Mobile, TrustDefender Client, the ThreatMetrix Cybercrime Defender Platform, ThreatMetrix Labs, and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/14/2020
Omdia Research Launches Page on Dark Reading
Tim Wilson, Editor in Chief, Dark Reading 7/9/2020
Why Cybersecurity's Silence Matters to Black Lives
Tiffany Ricks, CEO, HacWare,  7/8/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-14499
PUBLISHED: 2020-07-15
Advantech iView, versions 5.6 and prior, has an improper access control vulnerability. Successful exploitation of this vulnerability may allow an attacker to obtain all user accounts credentials.
CVE-2020-14501
PUBLISHED: 2020-07-15
Advantech iView, versions 5.6 and prior, has an improper authentication for critical function (CWE-306) issue. Successful exploitation of this vulnerability may allow an attacker to obtain the information of the user table, including the administrator credentials in plain text. An attacker may also ...
CVE-2020-14503
PUBLISHED: 2020-07-15
Advantech iView, versions 5.6 and prior, has an improper input validation vulnerability. Successful exploitation of this vulnerability could allow an attacker to remotely execute arbitrary code.
CVE-2020-14497
PUBLISHED: 2020-07-15
Advantech iView, versions 5.6 and prior, contains multiple SQL injection vulnerabilities that are vulnerable to the use of an attacker-controlled string in the construction of SQL queries. An attacker could extract user credentials, read or modify information, and remotely execute code.
CVE-2020-14505
PUBLISHED: 2020-07-15
Advantech iView, versions 5.6 and prior, has an improper neutralization of special elements used in a command (“command injection�) vulnerability. Successful exploitation of this vulnerability may allow an attacker to send a HTTP GET or POST request that create...