THE most Security Threats in the E-commerce Environments are
▪ Malicious code
▪ Hacking and cybervandalism
▪ Credit card fraud/theft
▪ Spoofing (pharming)
▪ Denial of service attacks
▪ Insider jobs
▪ Poorly designed server and client software
Malicious code is the kind of harmful computer code or web script designed to create system vulnerabilities leading to back doors, security breaches, information and data theft, and other potential damages to files and computing systems. It's a type of threat that may not be blocked by antivirus software alone
■ (malware) includes a variety of threats such as viruses, worms, Trojan horses, and bots.
■ Viruses: a computer program that has the ability to replicate or make copies of itself, and spread to other files. In addition to the ability to replicate, most computer viruses deliver a “payload.” The payload may be relatively benign, such as the display of a message or image, or it may be highly destructive destroying files, reformatting the computer’s hard drive, or causing programs to run improperly.
■ Worms: designed to spread from computer to computer. A worm does not necessarily need to be activated by a user or program in order for it to replicate itself.
■ Trojan horse: appears to be benign, but then does something other than expected. Often a way for viruses or other malicious code to be introduced into a computer system.
■ drive-by download malware that comes with a downloaded file that a user requests
■ ransomware (scareware) malware that prevents you from accessing your computer or files and demands that you pay a fine
■ Backdoor feature of viruses, worms and Trojans that allows an attacker to remotely access a compromised computer.
■ Bots: type of malicious code that can be covertly installed on a computer when connected to the Internet. Once installed, the bot responds to external commands sent by the attacker.
■ Botnet:collection of captured bot computers.