Tuesday, December 21st, 2010 - Pure Hacking
Pure Hacking, the Australian experts in helping organisations protect their information assets, today warned that as the popularity of online shopping increased, so too did the risks associated with debit and credit card security for both consumers and online retailers . Both groups are being targeted by online thieves if their cards, transactions and payment gateways do not conform to recommended global standards. The Company outlined its top tips for keeping shopping online safe for consumers and retailers.

For Rob McAdam, CEO, Pure Hacking this year’s trends are signalling that debit and credit card security breaches are increasingly occurring in the small to mid-sized retailer environment. “We are typically finding that larger retailers that rely on reputable payment gateways and who have made data security a priority are no longer the main targets for fraud. Instead it is consumers that are not proactively protecting their data, together with non-compliant retailers, that are the primary target for a data theft attack.

In fact for McAdam the corresponding investment in protecting information assets in the financial services and retail sectors is beginning to pay off.

“We have worked with a range of financial and retail organisations this year to define and refine how information is both shared and guaranteed to remain safe. In fact in over 70 percent of security breaches in our reviews and tests are due to vulnerabilities within the web application layer,” he said.

He continued, “In fact we have industry estimates that around 75 percent of companies are not fully compliant with the Payment Card Industry's Data Security Standard (PCI DSS). This makes online shopping with retailers here in Australia, and even with US sites now that the Australian dollar has reached recent highs, that don’t meet these standards an increasingly risky option. Our message is reduce the risks by stopping others watch you shop online.”

Top Ten Tips for Safe Online Shopping


1. Never email your credit card details to anyone
2. Use a low value credit card (sub $2,000) for online purchases and do not use debit cards or mixed credit/debit cards
3. Only shop at a limited number of trusted stores and research the retailer’s reputation prior to buying
4. Use https:// before the online store name. Reputable online store addresses will have a padlock on the screen and no warning sign. If there is no padlock – do not shop there.
5. Be on the lookout for email scams and “phishing attacks”. Emails can be forged from trusted retailers that ask for your credit card details.
6. Just like an in-store purchase, document your purchase, be aware of the refund and return policy prior to buying and check off your credit card statements monthly to ensure there are no unauthorised charges


1. Use a hosted merchant payment gateway from your bank and rely on your bank to securely manage credit card transactions
2. Online store holders should perform code reviews or have a web application firewall on the online store and payment gateways
3. Only store credit card data if you are required to and handle with care
4. Create your online store with software from reputable vendors who can share results of penetration tests and code reviews, plus compliance with PCI DSS

Pure Hacking works with organisations in a wide range of industries including Finance and Insurance; Communications and Information Technology; Business and Legal Services and Education to protect information assets from criminal hackers – both within and outside the company. With the rapid adoption of web-enabled applications and communication technologies, Australian and multinational corporations look to Pure Hacking to keep proprietary data and applications secure.

Contact Profile

Pure Hacking

Pure Hacking is Australia’s leading dedicated, vendor-neutral ethical hacking company in Australia. Its sole focus is risk and security. Today it provides secure development services, secure code reviews, penetration testing and training modules to a range of clients throughout the Asia Pacific region.
Cathryn van der Walt
P: 0402 327 633
W: www.purehacking.com.au


credit and debit card fraud on the increase, safe online shopping tips



More Formats