Professional Documents
Culture Documents
Cyber Unit 2 Lecture 1
Cyber Unit 2 Lecture 1
It is easy to set up
There are no geographical boundaries
Much cheaper than traditional business.
There are flexible business hours
Marketing strategies cost less.
Online business receives subsidies from the government.
Types of e-Commerce:
Now there are actually many types of e-Businesses. It all depends on who the final
consumer is. Some of the types of e-commerce are as follows:
Ecommerce operates in all four of the following major market segments. These
are:
Business to business (B2B), which is the direct sale of goods and services
between businesses
Business to consumer (B2C), which involves sales between businesses
and their customers
Consumer to consumer, which allows individuals to sell to one another,
usually through a third-party site like eBay
Consumer to business, which lets individuals sell to businesses, such as
an artist selling or licensing their artwork for use by a corporation1
i) Business-to-Consumer (B2C)
In a Business-to-Consumer E-commerce environment, companies sell their online
goods to consumers who are the end users of their products or services. Usually,
B2C E-commerce web shops have an open access for any visitor. Ex: Amazon
ii) Business-to-Business (B2B)
In a Business-to-Business E-commerce environment, companies sell their online
goods to other companies without being engaged in sales to consumers. In most
B2B E-commerce environments entering the web shop will require a log in. B2B
web shop usually contains customer-specific pricing, customer-specific
assortments and customer-specific discounts. Ex: Alibaba
But there are certain drawbacks that come with ecommerce sites, too. The
disadvantages include:
Limited customer service: If you shop online for a computer, you cannot
simply ask an employee to demonstrate a particular model's features in
person. And although some websites let you chat online with a staff
member; this is not a typical practice.
Lack of instant gratification: When you buy an item online, you must wait
for it to be shipped to your home or office. However, e-tailers like Amazon
make the waiting game a little bit less painful by offering same-day delivery
as a premium option for select products.
Inability to touch products: Online images do not necessarily convey the
whole story about an item, and so e-commerce purchases can be
unsatisfying when the products received do not match consumer
expectations. Case in point: an item of clothing may be made from
shoddier fabric than its online image indicates.
E-Governance
http://www.vssut.ac.in/lecture_notes/lecture1428551057.pdf
THREATS to E-COMMERCE:
http://www.vssut.ac.in/lecture_notes/lecture1428551057.pdf
https://www.getastra.com/blog/knowledge-base/ecommerce-security-threats/
https://www.javatpoint.com/security-threat-to-e-commerce
1. Financial Frauds:
a. Credit Card Fraud: It happens when a cybercriminal uses stolen credit card data to buy
products on your e-commerce store. Usually, in such cases, the shipping and billing addresses
vary. Another form of credit card fraud is when the fraudster steals your personal details and
identity to enable them to get a credit card.
b. Fake Return & Refund Fraud: The bad players perform unauthorized transactions and clear
the trail, causing businesses great losses. Some hackers also engage in refund frauds, where they
file fake requests for returns.
c. The Risk of Tax Evasion: The Internal Revenue Service law requires that every business
declare their financial transactions and provide paper records so that tax compliance can be
verified. The problem with electronic systems is that they don't provide cleanly into this
paradigm. It makes the process of tax collection very frustrating for the Internal Revenue Service.
It is at the business's choice to disclose payments received or made via electronic payment
systems. The IRS has no way to know that it is telling the truth or not that makes it easy to evade
taxation.
d. The Risk of Payment Conflicts: In electronic payment systems, the payments are handled by
an automated electronic system, not by humans. The system is prone to errors when it handles
large amounts of payments on a frequent basis with more than one recipient involved. It is
essential to continually check our pay slip after every pay period ends in order to ensure
everything makes sense. If it is a failure to do this, may result in conflicts of payment caused by
technical glitches and anomalies.
2. Phishing
Several e-commerce shops have received reports of their customers receiving messages or emails
from hackers masquerading to be the legitimate store owners. Such fraudsters present fake copies
of your website pages or another reputable website to trick the users into believing them.
3. Spamming
Some bad players can send infected links via email or social media inboxes. They can also leave
these links in their comments or messages on blog posts and contact forms. Once you click on
such links, they will direct you to their spam websites, where you may end up a victim.
Many e-commerce websites have incurred losses due to disruptions in their website and overall
sales because of DDoS (Distributed Denial of Service) attacks. What happens is that your servers
receive a deluge of requests from many untraceable IP addresses causing it to crash.
5. Exploitation of Known Vulnerabilities
Attackers are on the lookout for certain vulnerabilities that might be existing in an e-commerce
store. Often an e-commerce store is vulnerable to SQL injection and Cross-site Scripting (XSS)
a. SQL Injection
It is a malicious technique where a hacker attacks your query submission forms to access your
database. They corrupt your database with an infectious code, collect data, and later wipe the
trail.
6. Bots
Some attackers develop special bots that can scrape your website to get information about
inventory and prices. Such hackers, usually your competitors, can then use the data to lower the
prices in their websites in an attempt to lower your sales and revenue.
7. e-Skimming
E-skimming involves infecting a website’s checkout pages with malicious software. The intention
is to steal the clients’ personal and payment details.
8. Password Breaches
One of the biggest e-commerce security threats is the password breach in which cybercriminals
hack into the databases of organizations and steal their sensitive information. The data is further
exposed to the public including account numbers, names, social security numbers, and almost
every personal information. According to a German research group, nearly 2.2 billion stolen emails
and passwords have surfaced online for the access of cybercriminals.
HTTPs protocols not only keep your users’ sensitive data secure but also boost your website
rankings on Google search page. They do so by securing data transfer between the servers and the
users’ devices. Therefore, they prevent any interception. Do you know that some browsers will
block visitors’ access to your website if such protocols are not in place? You should also have an
updated SSL certificate from your host.
An Anti-Malware is a software program that detects, removes, and prevents infectious software
(malware) from infecting the computer and IT systems. Since malware is the umbrella term for all
kinds of infections including worms, viruses, Trojans, etc getting an efficient Anti-Malware
would do the trick.
On the other hand, Anti-Virus is a software that was meant to keep viruses at bay. Although a lot
of Anti-virus software evolved to prevent infection from other malware as well. Securing your PC
and other complementary systems with an Anti-Virus keeps a check on these infections.
Always use complex passwords that are difficult to figure out, and make it a habit of changing
them frequently. It is also good to restrict user access and define user roles. Every user should
perform only up to their roles on the admin panel. Furthermore, make the panel to send you
notifications whenever a foreign IP tries to access it.
Avoid storing the credit card information of your clients on your database. Instead, let a third
party such as PayPal and Stripe handle the payment transactions away from your website. This
ensures better safety for your customers’ personal and financial data.
5. Deploying Firewall
Effective firewalls keep away fishy networks, XSS, SQL injection, and other cyber-attacks that
are continuing to hit headlines. They also help in regulating traffic to and from your online store,
to ensure passage of only trusted traffic.
Ensure your employees and customers get the latest knowledge concerning handling user data and
how to engage with your website securely. Expunge former employees’ details and revoke all
their access to your systems.
7. Additional security implementations
Always scan your websites and other online resources for malware
Back up your data. Most e-commerce stores also use multi-layer security to boost their
data protection.
Update your systems frequently and employ effective e-commerce security plugins.
Lastly, get a dedicated security platform that is secure from frequent cyber-attacks