Major ecommerce players use ‘Honeypots’ to nail online hackers

Etailers have to deal with frauds of all kinds. From sellers listing fake products, ex-employees robbing delivery staff and fraudulent buyers manipulating return policies, ecommerce players are running manically to keep all of them away from their business.

One of the things online marketplaces have adopted to deal with the smartest of all fraudsters – the tech-savvy Unethical Hackers, is by hiring Ethical Hackers.

Help to discover loopholes

Quite a few cases have been reported where hackers have found a loophole in ecommerce companies’ payment system and bought goods for free by applying 100% duplicate discount codes. Ethical hackers helped etailers to spot this loophole and implement corrective measures.

It is believed that technology-heavy online firms such as Flipkart, Amazon, Paytm, Snapdeal and Ola have hired ethical hackers or companies that offer such services to deal with cyber fraud. Their main job is to find of chinks in the digital system by hacking it with consent.

Saket Modi, CEO of Lucideus, a Mumbai-based Cyber Threat Analysis & Malware Research Lab revealed, “We’re in the job of finding flaws across people, process and technology of an organisation’s digital setup. We hack them with their permission and produce an overall maturity scorecard of the organisation providing the CEO/CFO the information about the overall cyber risk they are sitting on along with a roadmap to enhance the cyber security maturity of the organization.”

Predicting cyber-attacks and preventing it

The ecommerce world rests on technology with purchases made through websites, mobile apps, and mobile sites from across the country. Therefore incidents such as a bug in the system, servers crashing due to hacks and compromising safety & security of data can lead to a flood of problems.

No wonder, etailers are using every technique there is in the book besides ethical hacking to keep cyber-attacks in check.

Mukul Shrivastava, Partner – Fraud Investigation & Dispute Services at Ernst & Young shared, “Many companies are deploying deception techniques called ‘honeypots’ in their systems so that whenever the hackers attack, they are routed to these fake servers. But there are many similar measures available, and companies, especially those whose business is dependent on technology, are deploying them to predict and defend cyber-attacks before it actually takes place.”

While other ecommerce players haven’t shared any official word on it owing to the secretive nature of the matter Paytm’s VP, Nitin Misra confirmed that it hires consultancies to create systems that can prevent such attacks from happening.  

He said, “We conduct internal as well as external penetration testing from third parties. Additionally, we’ve bug bounty program where people can report security vulnerabilities against us.”

Let’s hope that ethical hackers and cyber threat research firms can put an end to such cyber frauds.