Online Fraud Continues to Hurt eRetailers With Internet Marketing Magazine’s sister Marketing Agency we work with growing many eCommerce stores. One of the big trends that we’ve noticed especially in the last 12-24 months has been the rise of online fraud.
multiple machines to perform tasks. Botnets are often created by hackers developing and distributing malware that once activated allows the computer to be commanded and controlled by the botnets operator (the hacker). A large botnet has been attempting to break into WordPress websites around the world by continually trying to guess the username and password to get into the WordPress admin dashboard. This has affected almost every major web hosting company around the world in the last month. These attacks are called ‘Brute force’ attacks and have reached epidemic levels. Some hosting providers had to lock out their own customers from administering wordpress sites by denying access to login during the worst of the attack whilst they worked on additional defence strategies.
The most common online fraud we see is the use of stolen credit cards to purchase high value resellable items like consumer electronics. CyberSource, a unit of Visa recently said in its annual report that retailers revenue that was online fraud increased over the past two years to reach an esti- mated $3.5 billion in 2012. This figure has risen 30% since 2010. International online orders also have a higher fraud rate, the report says. For the 54% of survey respondents who accept international online orders, the fraud rate last year for orders placed outside of North America was 1.6%, twice the overall e-commerce fraudulent rate of 0.8%.
If you own a wordpress site there are several things that you can do to decrease the probability of your site being compromised. These include but are not limited to: • Upgrade your wordpress version to the latest eCommerce retailers now have a wide range of version tools available to them to help detect fraud. These • Upgrade your plugins and theme files to the include software that predicts the likelihood of a latest version transaction being fraudulent; known stolen credit • Remove any inactive themes as they are still card databases; order velocity checking and manuvulnerable to be hacked/exploited even if they al methods such as contacting credit card owners. are not being used • Change your default login username from the ‘admin’ username Major Brute Force Attacks against Wordpress • Set very tight passwords • Install the ‘Login Limits Attempts’ plugin and Some quick background info: A botnet is a collecother relevant WordPress security plugins. tion of Internet-connected programs running on internet marketing magazine may 2013
3