Story image

How to protect your business from online scams

16 Jan 15

NetSafe has offered up some advice for how businesses can protect themselves from online scams and credit card fraudsters.

Netsafe says businesses should talk to their bank or merchant provider about how their payment systems can be used to protect against online fraud.

“Enquire about options for monitoring payments and blocking such large scale automated attacks,” the company says in a blog post. “If you can, consider using third party card verification services from Visa and MasterCard to add a second layer of protection.”

Organisations should talk to their website developer, IT staff or a security specialist about ways to protect their site and any payment forms they host. Using SSL to encrypt information submitted is essential so that forms operate at an https:// address. “Discuss testing your systems for signs of common vulnerabilities and your options for fixing them.”

The internet safety group says to use a CAPTCHA on web forms or require an account be created. Technical solutions like these can potentially slow down automated software ‘bots’ that are designed to validate card numbers in quick succession.

“Limit transaction volumes or website sessions by IP address or pre-screen payments from high risk countries if you are seeing fraudulent attempts to donate,” the group says in regards to charity organisations.

“Many New Zealand charities may only wish to accept donations from Kiwis using credit cards issued by New Zealand banks,” it says. “Ask if you can filter payments by Bank Identification Number (BIN) to prevent overseas cards being accepted.”

NetSafe adds companies should consider monitoring traffic volumes to their website in order to keep an eye on potential scams.  Business should talk with their website host about establishing an alerts services so they can be aware if they receive a sudden unexpected spike in visitors.

Specialist online fraud management services can help reduce the risk of scams. “Sift Science offer an online service to assess transactions before handing them on to your merchant provider and may be an additional way to reduce fake donations,” NetSafe says.

“Explore options from third parties with secure systems and dedicated resources to manage fraud such as PayPal or Givealittle,” it says. “Givealittle.co.nz allows NZ charities and schools to register for a free fundraising page.”

NetSafe says if your website has been targeted by credit card fraudsters, you should speak with your bank or merchant provider ASAP. You can also contact NetSafe via their freephone telephone number 0508 NETSAFE or report an incident online.

Four major business risks you should watch out for
"It’s essential for businesses to monitor human behaviour, and apply and enforce policies consistently. The alternative is to lose large amounts of unrecoverable money as a result of people’s actions."
Government still stuck in the past? Not on GovTech's watch
What exactly is GovTech and what’s been happening in our capital city?
Workday – who are they and what do they do?
We quickly summarise everything you need to know about the up and coming business software leader.
Xero weighs in on Fraud Awareness Week
Unfortunately the Xero Security team is all too aware of fraud. We see it affecting our customers and community as an almost daily event.  
"Is this for real?" The reality of fraud against New Zealanders
Is this for real? More often than not these days it can be hard to tell, and it’s okay to be a bit suspicious, especially when it comes to fraud.
Hands-on review: The iPhone Xs
The iPhone Xs is a win that brought numerous new and exciting features to the market.
MicroMaker3D's tiny 3D printing tech is 'game changing'
Imagine 3D printing things thinner and smaller than a human hair, and how they could be used in everything from sensors, electronics, wearables and meshes.
Three ways to improve mental health support in the workplace
“Instead of scrambling into action after a crisis, employers need to be more proactive in supporting employees."