As one of the top cyber crime ploys impacting both consumers and businesses, phishing has grown in volume and sophistication over the past several years. The down economy is providing a breeding ground for new, socially-engineered attempts to defraud unsuspecting business people and consumers. With honest money-earning avenues less available, the cyber crime eco-system is ready with off-the-shelf phishing kits. It no longer takes a hacker to enable and commit fraud on the Internet – anyone with a motive can join in.
The potential impact on a business can be great – whether an employee or its customers have been phished, or the company Web site has been compromised. Organizations need to stay current on the latest methods employed by cyber criminals and proactively take steps to prevent this type of fraud.
How Phishing Could Impact Your Business
While the financial industry continues to be a primary target for phishers, it’s certainly not the only sector vulnerable to attack. Auction sites, payment services, retail, and social networking sites are also frequent targets. The APWG also reports a massive increase in attacks aimed at cell phone providers and manufacturers. In short, no business or brand is inherently safe.
Phishing attacks that pose as a company’s official Web site diminish the company’s online brand and deter customers from using the actual Web site out of fear of becoming a fraud victim. In addition to the direct costs of fraud losses, businesses whose customers fall victim to a phishing scam also risk:
- A drop in online revenues and/or usage due to decreased customer trust
- Potential non-compliance fines if customer data is compromised
Even phishing scams aimed at other brands can impact a business. The resulting fear caused by phishing can cause consumers to stop transacting with anyone they can’t trust.
Protecting Your Business
While there is no silver bullet, there are technologies that can help protect you and your customers. Many of the current phishing techniques rely on driving customers to spoofed Web sites to capture personal information. Technology such as Secure Sockets Layer (SSL) and EV SSL Certificates are critical in fighting phishing and other forms of cyber crime by encrypting sensitive information and helping customers authenticate your site.
Security best practices call for implementing the highest levels of encryption and authentication possible to protect against cyber fraud and build customer trust in the brand. SSL, the world standard for Web security, is the technology used to encrypt and protect information transmitted over the Web with the ubiquitous HTTPS protocol. SSL protects data in motion which can be intercepted and tampered with if sent unencrypted. Support for SSL is built into all major operating systems, Web browsers, Internet applications, and server hardware.
To help prevent phishing attacks from being successful and to build customer trust, companies also need a way to show customers that they are a legitimate business. Extended Validation (EV) SSL Certificates are the answer, offering the highest level of authentication available with an SSL Certificate and providing tangible proof to online users that the site is indeed a legitimate business.
EV SSL gives Web site visitors an easy and reliable way to establish trust online by triggering high security Web browsers to display a green address bar with the name of the organization that owns the SSL Certificates and the name of the Certificate Authority that issued it.
The green bar shows site visitors that the transaction is encrypted and the organization has been authenticated according to the most rigorous industry standard. Phishers can then no longer capitalize on visitors not noticing they are not on a true SSL session.
While cyber criminals are becoming adept at mimicking legitimate Web sites, without the company’s EV SSL Certificate there is no way they can display its name on the address bar because the information shown there is outside of their control. And they cannot obtain the legitimate company’s EV SSL Certificates because of the stringent authentication process.
At last, Phishing will continue to evolve into new forms, while attempting to take advantage of human behaviors such as compassion, trust, or curiosity. Protecting your brand and your business from phishing requires constant diligence, but pays rewards beyond reduced fraud losses.
By educating and protecting your customers with the highest levels of protection provided by EV SSL Certificates, your business can ensure customers have greater confidence in your online services. By demonstrating leadership in online security, you can broaden your market appeal and in doing so, generate new revenue streams. Authentic your website and business validation with the green bar using SSL certificates from ClickSSL helps you to grow your business.
ClickSSL is the trusted provider of Internet infrastructure services for the networked world. ClickSSL is the platinum partner of SSL Certificates Authority like Symantec (Verisign), Comodo, Thawte, GeoTrust and RapidSSL. Billions of times each day, Symantec helps companies and consumers all over the world engage in communications and commerce with confidence. ClickSSL offers SSL certificates such as Wildcard SSL, EV SSL, Code Signing Certificate, UCC SSL, Multi (SAN) Domain SSL Certificates.