X

Report: Holiday sales boomed amid phishing threat

Online merchants saw 88 percent rise in revenue as they turned to automated tools to fend off security risks, according to VeriSign.

Dawn Kawamoto Former Staff writer, CNET News
Dawn Kawamoto covered enterprise security and financial news relating to technology for CNET News.
See full bio
Dawn Kawamoto
2 min read
Despite the threat of phishing attacks, online businesses saw an 88 percent rise in revenue over the holiday season, according to VeriSign.

The online payment service, which handles 35 percent of North American e-commerce, processed $12 billion in Web sales between Nov. 1 and Dec. 31, it plans to announce in a report Monday. That compares with $6.4 billion in sales in the same period in 2003. In addition, the number of online transactions jumped 39 percent.

The largest gains in transactions were seen at game stores, which saw a rise of 96 percent, and gift shops, which had a lift of 89 percent. Charities, boosted by tsunami appeals, saw transactions increase by 79 percent.

But while e-commerce activity was dramatically up, online merchants reduced the number of transactions they deemed too risky to complete, said Fraser Smith, a product manager in VeriSign's payment services. Only 6 percent of online transactions were deemed too risky to complete--a fall of 1 percent over the previous year.

"Merchants are relying on automated solutions to track fraud," Smith said, noting that 88 percent of Web stores used such technology over the holidays. "If they know the customer, then they're automatically patched in."

In its holiday season report, gathered from analysis of data from its DNS services, digital certificates and other Internet businesses, VeriSign noted changes in merchants' security efforts and shifts in online fraud trends and e-commerce activity.

While security has become a great concern for consumers and merchants, fraudulent transactions still only account for 2 percent of all purchases, said Mark Griffith, VeriSign's vice president of security services.

The company found that Romania, Vietnam and the United States generated the highest volume of e-commerce fraud over the holidays.

The United States led in security threats such as worms, accounting for 79 percent, during the October-to-January period. VeriSign, for example, counted 680,000 MS-SQL version overflow attacks in that period, as well as 375,000 MS-PCT Client Hello overflow attempts.

The majority of phishing capture sites moved from the United States during the second half of last year to other countries overseas, according to the report.

"Last year, we had a set of countries that is totally different than this year," Smith said. "It's like they're moving around and looking for weakened or comprised (Internet service providers)."