Hackers in Greater China target online transactions, building ‘dossiers’ of information on individuals, expert says

Greater China is facing an increasing number of cyberattacks on online transactions, with e-commerce websites being the most vulnerable, according to a recent cybersecurity report.

The increasing number of attacks on e-commerce websites come about as the trend of cross-border e-commerce continues to grow, with more consumers shopping online for the best deals, according to cybersecurity firm ThreatMetrix’s Q3 2016 cybercrime report.

According to ThreatMetrix data, fraudulent log in attempts comprise about 11.8 per cent of e-commerce transactions in Asia-Pacific, compared to 4 per cent in the finance industry as hackers become more interested in gathering user data to exploit people’s identities down the road.

E-commerce sites often make it easy for customers to log in or create an account, forgoing extra layers of security such as two-factor authentication to create a frictionless shopping experience, said Alisdair Faulkner, chief products officer and co-founder of cybersecurity firm ThreatMetrix.

He added that e-commerce sites are often “sitting ducks” for such hackers because users often give such sites a wealth of personal information, including addresses and phone numbers, allowing hackers to compile “dossiers of information” for later use.

“With your identity, [hackers] could access your medical record, insurance, even your bank accounts. They could collect enough information, impersonate someone’s identity and apply for a loan at a bank … or commit tax fraud,” he said.

These same e-commerce sites often lack strong authentication measures for customer log ins, and often do not inform users about data breaches.