Cyberattacks are in the news this month, especially when Sony Pictures was victimized by hackers intent on preventing a new movie satirizing North Korea's ruler from being shown, broke into the company's network.
But attacks on consumers are a much more common occurrence. We hear a lot about consumers falling for online scams, having their credit and debit card accounts hacked and being victimized by other types of cyber-fraud. We rarely hear about what happens next.
Do these stories have a happy ending? It turns out a lot of them don't.
Still waiting for their money
A survey by Kaspersky Lab and B2B International found that nearly half of the consumers who reported losing money in fraudulent online transactions did not get all – or sometimes any – of their money back.
Remember that many banks and credit card companies have policies of reimbursing money lost due to cybercrime. Despite that, only 56% of respondents reported that they could fully recoup their losses.
Of those who lost money, 16% of victims received only partial compensation while 28% said they couldn't recover any.
Consumers in some countries have it worse than others. In places like Russia, 58% of those surveyed said there was no hope of getting any money back, and 13% received only part of the stolen money.
Some of the losses are significant. The average amount stolen by cybercriminals was $218 and 18% of respondents reported a loss in excess of $1,000.
“Even if you are sure that the financial company or online store will refund any stolen money in the event of online fraud, you should still be cautious, said Elena Kharchenko, head of Consumer Product Management, Kaspersky Lab. “You may indeed get all the money back – although the figures suggest this only happens about half the time – but the time and stress you will suffer are impossible to compensate. That’s why it’s important to pay special attention to the protection of confidential information, including your financial data.”
Lack of awareness
Some consumers fall victim because they aren't aware of the danger. The survey found that 22% of respondents believe they won't be the target of an attack. However, statistics show that about 43% of users faced financial cyberthreats at least once during the previous year.
CNA Financial, an insurance provider, warns the threat is growing and is especially dangerous around busy shopping periods like the holiday season.
"The digital universe has become increasingly complex and it's important to know how to protect your identity online," said Robert Allen, CNA's Chief Security Officer. "As convenient, quick and easy as online shopping can be, it also leaves businesses and individuals vulnerable to security risks."
The company offers a number of consumer tips to reduce your risk when shopping online:
Make sure the site is secure. Once you're ready to check out, look for signs that the site is secure, including locating the "closed padlock" icon on your Web browser's address bar. Other sites may have a URL address that begins with "https://"; the "s" means the site is secure.
Don't shop on a public Wi-Fi connection. If you don't have to use a password to get online, the network isn't secure. Someone else on the network could actually monitor what you're doing online. Sometimes, attackers create fake networks which allow them to intercept and modify communication between two parties.
Stay current with your security updates. All software, Web browsers and operating systems should be up to date.
Don't save credentials in Web browsers. When a pop-up displays asking if you want the site to save your information, click "Continue Without Saving." Hackers will use stored data, including saved credentials.
Avoid using debit cards. Even with debit protections, if your cards information is stolen, the money is taken immediately from your account. Getting that money back may prove to be difficult.
Keep a paper trail. Print and/or save records of your transaction, including the product description, price, receipt, terms of the sale and copies of any communications from the vendor. After receiving your credit card statement, make sure all transactions match and there are no unauthorized charges.