PETALING JAYA: As Malaysians are increasingly shopping online for everything from minor items to branded goods, including expensive gadgets or designer handbags, cybersecurity experts have warned of the risk of data breaches in the seemingly convenient practice of saving banking card details on e-commerce platforms.
Despite the convenience of online shopping, they also cautioned the public to be wary of deals that seem “too good to be true”.
Universiti Sains Malaysia’s (USM) Prof Dr Selvakumar Manickam advised consumers against saving their card details on these platforms whenever possible.
If they opt to continue this, he said, they should only use a banking card with a low transaction limit.
“The impact will be minimal in case of financial theft. While these measures may seem inconvenient, complacency often leads to financial loss and identity theft,” he said.
Prof Selvakumar, who is USM’s Cybersecurity Research Centre director, also said there is an increasing trend of phishing scams where cybercriminals create convincing fake websites or send emails that look like it is from legitimate retailers.
“Malware is another concern where clicking on the wrong link can install software that can compromise the consumer’s entire device,” he said, adding that users should always stick to reputable and well-known e-commerce platforms.
Among the signs consumers can look for are websites that have the “https” and padlock icon in the address bar, signifying a secure connection, he said.
“Strong, unique passwords are a must. Enabling two-factor authentication adds an extra layer of security,” he said.
“Keeping software updated is essential to patch security holes, and using a secure Internet connection, especially avoiding public Wi-Fi for sensitive transactions, is highly recommended.”
He also warned about scammers that advertise phony deals or create entirely fake online stores.
“Any offer that seems too good to be true probably is,” he said.
Cybersecurity expert Fong Choong Fook echoed this, saying that purchases directly from sellers over social media and not established platforms can prove to be risky.
“Online shopping is relatively safe at reputable platforms, but reaching out to sellers directly through advertisements on social media has less assurance as it depends on whether the seller honours the transaction.
“Sometimes, fraud happens as the sellers are just scammers that use cheap prices to entice victims and even worse, install malicious applications on victims’ phones, which can extract sensitive credentials.
“These credentials can then be exploited to conduct online banking transactions,” said the LGMS Bhd executive chairman.
Fong also urged consumers to do comprehensive background checks when making purchases directly from online sellers.
“Look at their profile, subscribers, followers and how long they have been around.
“Someone with a few followers yet selling an item at a price too good to be true should arouse suspicion,” he said.
Meanwhile, Small and Medium Enterprises Association of Malaysia (Samenta) president Datuk William Ng said cyberthreats also remain a key challenge for most small and medium enterprises (SMEs).
He said medium-sized SMEs also find it difficult to implement cybersecurity measures internally, with most choosing either to outsource them to external service providers or use free applications to manage these risks.
“Most SMEs are generally not well informed of the risks or do not prioritise them until it is too late.
“This year, Samenta will work closely with various government agencies to help raise awareness of cyberthreats among SMEs,” he said.
