It's reasonably safe to buy things off the Internet. Even assuming someone gets your credit card details, all you have to do is report it to the credit card company and they will wipe out the charges. At most you are on the hook for about $50, but most of the time the entire bill will be wiped out.
In China, and most of the Far East, however, it's very very common for people to be using pirated software. You can buy bootleg DVDs and CDs from people on street corners. Since Microsoft tends to disable people from being able to download security updates on Windows when it's a pirated copy, that makes all those systems ripe targets for worms, spyware, viruses, etc. THAT is most likely how the credit card details were stolen in the first place. An unpatched Internet Explorer 6 is a VERY dangerous thing to be using on the Internet. A fully patched Internet Explorer is dangerous enough.
Also, it's FAR from impossible to obtain info from an encrypted session, it's just usually very difficult. Of course with computers getting ever faster, it gets easier and easier to crack certain encryption grades. 64-bit encryption these days is worthless. It can be brute force cracked by your average system in a day or two. 128-bit encryption won't hold up much better... A couple of weeks, tops. 256-bit and higher encryption will take longer, but someone could always get lucky and stumble across the right code in a few hours. Of course, usually, rather than try and break one encrypted session at a time, would be thieves will go after the merchant's database of payment info. Sadly, these are often left far less protected than the browser session that feeds your data into them. There are a great many companies that look at IT security as an expense they would rather not pay for. In this world where business is all about meeting quarterly projections, longer term things like IT security tend to be given little to no real thought or budget. If it would take $1 million to properly secure a business's network, and then maybe $100,000 to maintain it ever quarter thereafter, most management types will look at that as $1 million that could go towards the bottom line on their quarterly report, and the same with that $100,000. It's not looked at as an investment. The idea that if enough customers have their data stolen, they might take their business elsewhere, is a long term thought. That has no place in the modern business world. It's gone the way of the sustainable business model. Personally, I blame the stock market for the creation of this hyper-competitive world, and think we would be infinitely better off in the long run if we simply abolished it outright, but that's just me.
Now... Using things like PayPal, which can be linked directly to a bank account, can be a bit dangerous. And obviously giving out your bank account info to someone is never a good idea. But when it comes to paying with a credit card, it really is pretty safe. It's even safer if you're not using Internet Explorer, or anything based on it, and keep whatever other browser you use fully patched. Of course if you have keyloggers and what not installed on your system already, simply not using IE will probably be of little use.
If you keep up on your security patches for all your software, and avoid problematic ones like Internet Explorer, you are probably safer using a credit card online than in a retail store or restaurant. Especially restaurants, where they swipe your card, and then bring it back to you for the final authorization and to include the tip. But while the waiter or waitress is off with your card, for all you know they could be writing down the details in a notebook or overcharging you significantly. You can't know for certain what they're doing when the card is out of your sight.
Was this reply helpful? (0) (0)