User:Mhassa/sandbox

Cyber Security and Financial Transactions
In online shopping, there are two entities in the system including the business and the customer. Therefore, it is a system that is dependent on human interaction, as opposed to an auto-generated system. Thereby, there are specific cybersecurity vulnerabilities presented with online shopping when it comes to the completion of financial transactions. Customers are susceptible to falling for social engineering techniques used by malicious entities intending to compromise a business. Social engineering vulnerabilities include phishing and cross-site scripting (XSS). Phishing is the impersonation and masquerading of an official business, to scam people, i.e. customers through e-mail communication. Since adversaries are well versed with efficient techniques to pose as a legitimate business, most of the time customers fall for the scam. As financial transactions often ask for e-mails to send receipts, shipping status, etc. customers do not hesitate to comply. Therefore, verification of the business' identity when receiving an e-mail is crucial. Additionally, cross-site scripting (XSS) is the exploitation of customers' reviews on products or experiences with a business website. The vulnerability comes into play when the adversary injects malicious code into the website. The malicious code can exploit the system's secure financial transaction methods implemented, and steal data related to users' credit card information.