FACULTY OF COMMERCE

TOURISM AND HOSPITALITY MANAGEMENT

GROUP10 PRESENTATION

E COMMERCE
NAME SURNAME REG NUMBER
RUMBIDZAI MELLISA DZINZI R198686Y
PRUDENCE SITHOLE R198615R
LORRAINE CHAKO R1911567M
TINASHE CHINHAMO R197846C
FREDLEEN MUGWAGWA R197648P
IDAISHE CHIRIGA R198929Z
DECENT KUDAKWASHE KUFONYA R1915661C
MICHAEL LOVEMORE BAKE R1914058T
TAKUDZWA KAJEKERE R1911042Q
CHEALSEA T MARODZA R164795Z
MARGRET KUTSANZA R1917672B
EMMANUEL DUBE R199822N
QUESTION: Security challenges faced with e-commerce activities.

Ecommerce security primarily refers to the steps taken by ecommerce businesses to protect their
business interests and information from harmful attacks .There are quite a few threats you need
to protect your online store from. Common examples of security threats include hacking, misuse
of personal data, monetary theft, phishing attacks, unprotected provision of services, and credit
card frauds. This essay will look in greater detail the challenges faced with e- commerce
activities.

Financial fraud has afflicted online businesses since their inception. Hackers make unauthorized
transactions and wipe out the trail costing businesses significant amounts of losses. Some
fraudsters also file requests for fake refunds or returns. Refund fraud is a common financial fraud
where businesses refund illegally acquired products or damaged goods. For instance, Jimmy
likes to capitalize on fraudulent activities. He knows that friendly fraud is an easy medium where
he can purchase an item, use it, and then refund it in order to get his money back, so he does it! a.
Credit Card Fraud happens when a cybercriminal uses stolen credit card data to buy products on
your e-commerce store. Usually, in such cases, the shipping and billing addresses vary. You can
detect and curb such activities on your store by installing an AVS – Address Verification
System. Another form of credit card fraud is when the fraudster steals your personal details and
identity to enable them to get a new credit card.

Spam is another security challenge faced with e- commerce activities. Where emails are known
as a strong medium for higher sales, it also remains one of the highly used mediums for
spamming. Nonetheless, comments on your blog or contact forms are also an open invitation for
online spammers where they leave infected links in order to harm you. They often send them via
social media inbox and wait for you to click on such messages. Moreover, spamming not only
affects your website’s security, but it also damages your website speed too. Mass-mailed
malware infection can quickly morph into a much more serious problem says Brian Krebs, data
security expert. Apart from lowering your website security, spamming also reduces its speed and
severely affects performance.
Phishing is one of the common security threats of ecommerce where hackers masquerade as
legitimate businesses and send emails to your clients to trick them into revealing their sensitive
information by simply presenting them with a fake copy of your legitimate website or anything
that allows the customer to believe the request is coming from the business. Common phishing
techniques include emailing your customers or your team with fake “you must take this action”
messages. This technique only works your customers follow through with the action and provide
them access to their login information or other personal data which the hacker can exploit as per
his benefit. The EI Test of 2017 is another good example of such malicious campaigns. If the
clients fall into the trap and give them their sensitive personal information like login credentials,
the hackers swiftly go ahead and con them.

You may recognize bots from your good books such as those that crawl the web and help you
rank your website in Search Engine Result Pages. However, there are exclusive bots developed
to scrape websites for their pricing and inventory information. The hackers use such information
to change the pricing of your online store, or to garner the best-selling inventory in shopping
carts, resulting in a decline in sales and revenue. Such hackers, usually your competitors, can
then use the data to lower or modify the prices in their websites in an attempt to lower your sales
and revenue.

Distributed Denial of Service (DDoS) attacks and DOS (Denial of Service) attacks aim to disrupt
your website and affect overall sales. These attacks flood your servers with numerous requests
until they succumb to them and your website crashes.

Brute force attacks target your online store’s admin panel in an attempt to figure out your
password by brute-force. It uses programs that establish a connection to your website and use
every possible combination to crack your password. You can protect yourself against such
attacks by using a strong, complex password. Do remember to change it regularly.

SQL injections are cyber-attacks intended to access your database by targeting your query
submission forms. They inject malicious code in your database, collect the data and then delete it
later on.

Cyber stalking is another challenge with e- commerce activities.  Cyberstalking is a form

of cyberbullying; the terms are often used interchangeably in the media. Both may include false
accusations, defamation, slander and libel. Cyberstalking may also include monitoring, identity
theft, threats, vandalism, solicitation for sex, or gathering information that may be used to
threaten or harass. Cyberstalking is often accompanied by real-time or offline stalking.[2] Both
forms of stalking may be criminal offense. Stalking is a continuous process, consisting of a series
of actions, each of which may be entirely legal in itself. Royakkers , L . defines cyberstalking as
perpetrated by someone without a current relationship with the victim. About the abusive effects
of cyberstalking, he writes that ‘’Stalking] is a form of mental assault, in which the perpetrator
repeatedly, unwantedly, and disruptively breaks into the life-world of the victim, with whom he
has no relationship (or no longer has), with motives that are directly or indirectly traceable to the
affective sphere. Moreover, the separated acts that make up the intrusion cannot by themselves
cause the mental abuse, but do taken together (cumulative effect).’’  Many cyber stalkers try to
damage the reputation of their victim and turn other people against them. They post false
information about them on websites. They may set up their own websites, blogs or user pages for
this purpose. They post allegations about the victim to newsgroups, chat rooms, or other sites
that allow public contributions such as Wikipedia or Amazon.com. Attempts to gather
information about the victim: Cyber stalkers may approach their victim's friends, family and
work colleagues to obtain personal information. They may advertise for information on the
Internet, or hire a private detective. Monitoring their target's online activities and attempting to
trace their IP address in an effort to gather more information about their victims. Encouraging
others to harass the victim: Many cyber stalkers try to involve third parties in the harassment.
They may claim the victim has harmed the stalker or his/her family in some way, or may post the
victim's name and telephone number in order to encourage others to join the pursuit. False
victimization: The cyber stalker will claim that the victim is harassing him or her. Bocij writes
that this phenomenon has been noted in a number of well-known cases. Attacks on data and
equipment: They may try to damage the victim's computer by sending viruses.

Hacking is an attempt to exploit a computer system or a private network inside a computer.

Simply put, it is the unauthorised access to or control over computer network security systems
for some illicit purpose. XSS is when hackers target your website visitors by infecting your
online store with malign code. You can safeguard yourself against it by implementing Content
Security Policy. E-skimming refers to hacker methods of stealing personal data, such as credit
card information, from payment card processes pages on e Commerce sites. It's a significant
security risk in e Commerce, as shoppers can be misguided by misleading external links and
portals to payment pages. Or, cyber-criminals gain access to your site via a third-party, a
successful phishing attempt, or cross-site scripting. These methods allow hackers to capture
shopper payment information in real-time, as soon as the customer accesses the payment page.
To avoid this, ensure your website is secure, remind customers to never enter their details on
unverified websites, and prompt them to check whether a payment page is genuine. 

Malware is any piece of software that’s been designed by cyber-criminals with the intention of
gaining access, or causing damage, to a computer network. Inserted into web pages through
techniques like SQL injection, malware files can allow hackers to: Fake (spoof) their identity,
Take control of your computers and networks , Tamper with your databases, Send malicious
emails on your behalf and Gain complete access to all the data on your system Because malware
strategies are constantly evolving, so too must your anti-virus protocols. To protect your site
against security threats to your e-business, consider installing a firewall to monitor activity and
store as little sensitive information on your site as possible.

In conclusion the security challenges faced with e – commerce activities can be protected to
protect their business interests and information from harmful attacks.
REFERENCE LIST

A Bhattacherjee, A. (2002) Individual trust in online firms: scale development and initial test

Journal of Management Information Systems, volume 19, issue 1, p. 211 - 242

Khan, Shazia W., (2019) Cyber Security Issues and Challenges in E-Commerce Proceedings of 10th
International Conference on Digital Strategies for Organizational Success
https://ssrn.com/abstract=3323741 or http://dx.doi.org/10.2139/ssrn.3323741

Ross, A. (1994) Why Cryptosystems Fail Communications of the ACM, volume 37, issue 11, p. 32 - 40