E-commerce enhances growth and opportunity while managing risk

As we continue to live in a fast-paced digitally driven world, more people are turning to digital services, like shopping and banking online, to ensure that needs and responsibilities are fulfilled quickly and efficiently. This reality is no difference even across the African continent.

Despite a legacy around a lack of reliable and affordable Internet structures, as this improves, the demand for digital convenience continues to rise. In fact, it has been noted that with 400 million Internet users,  Africa has one of the most digitally connected populations on the planet.

According to research, the e-commerce sector in Africa generated $16.5 billion in revenue in 2017. The predicted forecasted revenue of e-commerce in Africa is $29 billion by 2022. Considering this statistics, the opportunity for e-commerce in Africa is obvious as notes Bethwel Opil, the Enterprise Sales Manager at Kaspersky in Africa.

“This anticipated growth is massive and indicates just how much opportunity resides within this sector. However, it is a sector that must be embraced carefully and with caution – as with all opportunity, there comes associated risks,” avers Opil.

Opil points out to legacy challenges of limited and sporadic physical retail infrastructure – outside of the major cities and urban nodes – across most regions in Africa, which has created a favourable environment for e-commerce to boom.

He however mentions the online world that still remains a highly targeted playground for cybercriminals and one they are trying to dominate by creating various avenues of attacks so as to gain access to consumer data through phishing and ransomware.

What the e-commerce platform provider needs to consider

Kaspersky’s research highlights that attacks with banking Trojans or ‘bankers’ are among the most popular for cybercriminals, as they are focused directly on financial gain. This kind of malware steals credentials for e-payment and online banking systems from victims, intercepting one-time passwords, and then sending the data to the attackers behind the Trojan. In 2018, the number of users attacked with banking Trojans was 889,452, an increase of 15.9% in comparison with 767,072 in 2017.

“A responsible e-commerce business is one that takes the security of their customers data seriously – and not just as a result of regulatory matters, but to also ensure brand reputation management and as part of driving a loyal customer base,” says Opil, adding; “The chances of a customer returning to the e-commerce platform after a compromise is minimal.”

E-commerce platforms need to be aware of the types of attacks that are being targeted at these platforms – both past and future – and how to plan and mitigate around these.

Some key aspects to consider as listed by Opil include:

• Keep the e-commerce system and operating systems updated, and make sure they do not contain already known vulnerabilities
• Install effective security solutions on all computers in the business network
• Protect POS terminals with a specialised solution that can work on obsolete equipment
• Be prepared for distributed-denial-of-service (DDoS) attacks – as they are used widely within the e-commerce space – and employ reliable DDoS-protection service
• Arrange an audit of the corporate network to detect vulnerabilities and take the necessary steps to ensure protection
• Check the site for the presence of online skimmers and weaknesses
• Recommend that customers use reliable security solutions that will minimise the threat of phishing attacks

What consumers must onboard

Financial malware threats, commonly identified as banking Trojans, have always occupied a significant part of the threat landscape. This is due to the fact that finance is the most common motivation for cybercriminals and fraudsters. Kaspersky’s data on new samples of these threats constantly demonstrates that malware aimed at stealing funds is active and extremely dangerous.

While most established e-commerce platforms have the necessary security measures in place and take every critical step to protect the data of their customers, users must still practice caution when online. Some tips that can support this include:

• Be aware of and pay attention to phishing scams – phishing websites look just like real ones, but instead of selling goods or services, they steal bank or credit card information. Check all website links and authenticity before making a purchase on the website
• Secure email – email often holds the information to the majority of online accounts details, as the password recovery operation is often conducted via email notifications. It is for this reason why primary email accounts must be protected
• Don’t use open and unprotected Wi-Fi platforms when shopping or banking online – such open Wi-Fi zones are so easy for hackers to get into and then compromise devices
• Avoid using weak passwords – if weak combinations are used, which consist of letters only, the user is likely not protected at all. Passwords must be strong and must differ across online accounts to ensure that if one password may be compromised, not all accounts are at risk
• Protect smart devices – ensure that all devices with Internet access or that are used for e-commerce purposes are protected with a reliable IT security software solution

“As the need for e-commerce services and the interest in these platforms grows in a digitally connected African market, the tactics that are used by cybercriminals will likely only become more sophisticated.” Bethwel Opil.

He urges consumers to be aware and stay alert in order to reap the opportunity that exists in this market.

“Staying ahead and ensuring prevention measures are in place by both business and users when it comes to the cyber security risk is a must for this sector to continue to grow,” he concludes.