SAN FRANCISCO, CA – June 15, 2016 – Wandera, the leader in mobile data security and management, has discovered that numerous luxury ecommerce sites and apps are failing to protect sensitive customer information and credit card data, placing mobile shoppers at risk of identity theft.
Wandera’s SmartWire Labs has detected a number of websites selling fake luxury sunglasses – including Outlet7X24 and RBWeDoBuy – that are either intentionally compromising sensitive information, or failing to take preventative steps to protect customer data. This sensitive data – which includes full names, email addresses, shipping and billing information, passwords and full credit card details – will often be enough to provide an attacker with access to online banking or other sensitive services.
Wandera revealed that the sites were failing to protect sensitive customer information when transmitting that information to the website. The customer credit card data and other details collected as part of the shopping transaction is being sent unsecured and unencrypted to the website in clear text, placing customers at risk of identity theft.
This is because the website owners are either deliberately attempting to harvest customer information, or have not invested appropriately in security.
Comment from Eldar Tuvey, CEO of Wandera:
“Unfortunately, despite their better judgement, many online shoppers choose a good deal over good sense. The pursuit of an expensive brand for less often leads shoppers to encounter ecommerce sites that are less trustworthy. While we can alert the public of specific compromising websites and ensure they are suspended, site owners typically create a new brand and website domain with exactly the same business model – and lack of data security. Therefore, it is important that individuals take caution and do not ignore their good judgement in the interest of a cut-price deal. The potential cost resulting from leaked credit card data or identity theft is much higher than any saving made on the price of genuine sunglasses.”
Consumers are unknowingly exposing themselves to danger in several ways by using these websites:
How consumers can protect their data:
More information on untrustworthy ecommerce sites can be found here.