Online Security Threats Are Increasing


Online security has been in the news again lately, and especially as it pertains to Amazon sellers.  Recently Amazon has become a prime target (pun only slightly intended), with criminals finding ways to divert money by exploiting weaknesses to break into users’ Amazon accounts, change the bank account info, and then send deposits to their own, hijacked bank accounts.  This usually only works once, but once is enough.

Amazon has begun recommending what they call Two-Step Verification.  This helps greatly with stuffing the criminals, but when one door is shut the bad guys go looking for the next.  Knowing the threats ahead of time goes a long way toward preventing their success.


The Truth

Before we get too far, let’s make one point:

There’s more good in the world than bad.

Despite the merchants of chaos running the typical news hour, despite all the bad things made all the worse, all the more serious by the fact that they get the most alarming coverage, the evidence supports the fact that, mostly, we’re good.  We haven’t killed each other yet.  Wars, yes, terrible crimes against each other, of course, but over the millennia we’ve gotten better.  The world has advanced.  If the balance of our actions were destructive then we wouldn’t be here today.  Man – the vast majority of us – is good, and no cynic, no matter how clever, can change that.

That said, we do need to be on guard against the bad in the world.  The criminal element that wants a free ride, that wants to take what we’ve earned.  We work, we produce, they wait for opportunity and …

We know the rest.  Criminals are opportunists, and if we deny them the opportunity, more often than not they’ll simply go elsewhere.


New Threats, Old Tactics

Fundamentally not much changes.  Criminals today are not much different than criminals in Ancient Egypt, or, pretty much, any era.  Their tactics are rarely different, and in fact when a “new” something comes along it only seems new because we’re seeing it in a new arena.  This was true in the online world when malicious hacking began.  At first hacking was done more as vandalism, then for a sort of bragging rights, and then, at last, the criminals began to get smart, finding ways to steal.  Now no one cares about “look what I did”, and in fact the best criminals are the ones you never hear about at all.

So what’s new?  We’re pretty used to Viruses and Malware, and there are plenty of tools out there for that.  Hopefully you have software.  Social engineering is getting more and more sophisticated – again, an old tactic, but one which is seeing new use as people become better and better at not clicking links they shouldn’t.  Phishing is a brand of that, and can get quite elaborate, with bad guys trying to trick you into giving up vital personal info.  The upshot is that the only reason they’re having to go that far is that our technology is getting better.  That’s a good thing and means we’re safer.  The downside is that we, ourselves, in our daily actions online, on the phone with strangers and so on, need to be more vigilant than ever.

One of my favorite quotes is from a giant aircraft hangar at a base where I was stationed in the US Navy.  Giant letters were painted the length of one side, in all caps:

Eternal Vigilance Is The Price Of Freedom

That couldn’t be more true in our online activities.  Most of the time just being alert, being aware, pausing if something seems even just a little phishy (look – another pun) … often that’s all it takes.  We can stop the crime cold.  Hang up.  Don’t click.  Don’t pass on any info.  Common sense can be our greatest defense.

New technologies are coming, though, and, again, we must find ways to be vigilant.


Ransomware – The Future Of Extortion

Ransomware is the latest old tactic masquerading as a “new” thing.  What is ransomware?  The Department Of Homeland Security defines it this way:

“Ransomware is a type of malicious software cyber actors use to deny access to systems or data.  The malicious cyber actor holds systems or data hostage until the ransom is paid.  After the initial infection, the ransomware attempts to spread to shared storage drives and other accessible systems.  If the demands are not met, the system or encrypted data remains unavailable, or data may be deleted.”

Funny name for bad guys, “cyber actors”, but this is the DOHS we’re talking about.  The fact is, ransomware is a heartache waiting to happen.  New variants are emerging regularly, and cyber security companies report that way back in the first several months of 2016 global ransomware infections were at an all­-time high and rising.  Within the first weeks of its release, one particular ransomware variant compromised an estimated 100,000 computers a day.  A year later the threat is only growing.

Software is coming that will prevent these attacks.  At the moment a software called VEEDog, for example, is a player in this arena, and is currently the top dog for ransomware defense.

Dang.  Another pun.

Count on more solutions as this threat matures.  There are other steps you can take against ransomware, but probably the best is also the most basic.  By simply securing your backups, ensuring you have a backup option that is only connected to the computers and networks when they are backing them up is probably the best way to be prepared.  Hook up your backup method, make your backups, then disconnect it and put it in a fireproof safe.  (Heck, as long as you’re storing it you might as well protect it from fire.)  By having your data safely offline, if your computer or computers get locked, you can wipe and rebuild them, and add back your data.

Advice from the FBI reinforces this common sense approach.  As additional preventatives for ransomware they say:

  • Scrutinize links contained in e­mails and do not open attachments included in unsolicited e­mails.
  • Only download software – especially free software – from sites you know and trust. When possible, verify the integrity of the software through a digital signature prior to execution.
  • Focus on awareness and training. Because end users are often targeted, employees should be made aware of the threat of ransomware, how it is delivered, and trained on information security principles and techniques.

Not hard, really.


Finding Your Peace Of Mind

The bad guys are out there.  Saying so doesn’t need to raise the alarm.  Know the threats.  Stay vigilant.  Get the software and tools that will help.

And enjoy your success as an online seller.  You’re winning, you’re making a positive impact in the world – do your diligence, keep your eyes open and have fun.

It would be silly to do anything else.

Dave McDaniel is a senior VP with ManageByStats.  ManageByStats is a suite of online software tools for Amazon sellers that includes tools for sales, customer and inventory management, automated email notifications, email campaigns and review, feedback and keyword features.  ManageByStats also provides an email and phone appends service, and offers an appends option that does not require an Amazon account.