Consumer confidence in the security of their online transactions is slipping due to the growth of phishing-related fraud and identity theft, Gartner reports. As a result, consumers are curtailing their online purchases. Phishing is the sending of an e-mail by cyberthieves with a link to a fake website that is disguised to look legitimate, in order to lure recipients into divulging personal information. Gartner estimates that 73 million adults who use the Internet received a phishing e-mail between May 2004 and May 2005, and that 2.4 million online shoppers lost money as a direct result of phishing. Most of the losses were repaid by banks and credit card companies. Nevertheless, 75 percent of the 5,000 online consumers who Gartner surveyed in May said they have become more cautious about where they shop online, and one-third reported buying fewer items than they would typically purchase due to security concerns. Eighty percent of those surveyed said they now trust commercial e-mail less, while 85 percent claimed to delete unexpected e-mails without ever opening them. SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe Unless companies take steps to combat phishing, the report says, they will not be able to count on online selling and e-mail as methods to draw customers. Best Practices: 1]Use your website to educate customers about fraudulent sites. Warn them about phishing schemes you know about, and instruct them not to click on links provided in e-mails that purport to be from your company. Advise them to type your address directly into their browsers to get to your site. If possible, provide online customers with some type of authentication, such as a personalized greeting, every time they visit. 2]Make it a policy not to ask customers for personal information via e-mail, and remind them frequently of this policy. Enforce the practice with employees. 3]Have a process in place to take action against phishers when attacks occur, and to reassure customers. As part of this process, collect information from customers about the attack, specifically, the IP address of the phisher. Contact the ISP and report the incident, and then call law enforcement. Related content feature Mastercard preps for the post-quantum cybersecurity threat A cryptographically relevant quantum computer will put everyday online transactions at risk. Mastercard is preparing for such an eventuality — today. By Poornima Apte Sep 22, 2023 6 mins CIO 100 CIO 100 CIO 100 feature 9 famous analytics and AI disasters Insights from data and machine learning algorithms can be invaluable, but mistakes can cost you reputation, revenue, or even lives. These high-profile analytics and AI blunders illustrate what can go wrong. By Thor Olavsrud Sep 22, 2023 13 mins Technology Industry Generative AI Machine Learning feature Top 15 data management platforms available today Data management platforms (DMPs) help organizations collect and manage data from a wide array of sources — and are becoming increasingly important for customer-centric sales and marketing campaigns. By Peter Wayner Sep 22, 2023 10 mins Marketing Software Data Management opinion Four questions for a casino InfoSec director By Beth Kormanik Sep 21, 2023 3 mins Media and Entertainment Industry Events Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe