Being an informed consumer – who is allowed to handle my ...

www.ip-rs.siWEB SHOPPINGWhen you visit web sites on the Internet, and in particular if you are engagedin web shopping you need to consider security issues. You need to check whoyou are dealing with, if the web site can be trusted, and who are actually thesuppliers of goods or services at the other end.Q: How do I know if the web site is secure and who can I trust?In fact you can never be 100% sure if the web site is secure. There are someindicators which show the relative security of the web site. Before you giveyour personal data away, look for to see if the web address on the page beginswith “https:” instead of “http”. Look for the picture of a closed padlock in yourbrowser window. It indicates that the security is operative :site the user is directed to the fake (phishing) one, from where the phishers caneasily harvest your personal data.How do I detect and prevent phishing?1. Detect fraudulent e-mail:If the e-mail message is threatening (e.g. your data will belost, your account will be erased, etc.) if you do not followtheir instructions (e.g. “...If you don’t respond and give us youruser name within x days we are going to consider your accountinactive or disposed of and your account will be closed.”...”).2. Check the source of your e-mail messages:banks will never contact you via e-mail, and in particular will notrequire your personal data in this way.3. Don’t click on links in e-mail which looks like an authentic link to your bank. Ratheruse your bookmarks or shortcuts.4. Check if you are on the right URL (https:\\... )5. Regularly check your bank account statements.6. Make sure your computer system is protected and you have the latest versionsof the browser installed.There are many fraudulent suppliers of goods on the web and they may looktrustworthy at first sight. They are becoming more and more ingenious andpretend to be a well known company. Thus it may soon happen that by orderinggoods you are going to give your personal data to a fake company. Cheaters arevery smart and they can abuse your data in many different ways. This phenomenonhas become known as phishing, which is a method of acquiring sensitiveinformation by masquerading as a trustworthy entity. Phishing is carried outby e-mail where the user receives a fake message which looks almost identicalto the legitimate one (e.g. your bank) and is seemingly authentic: name of thecompany, graphic design, layout, seemingly real names of employees and units,even the URL can appear to be genuine.The message directs the user to visit their web site to enter personal details becauseof security or to renew the bank account for example. A link to the website is given in the message, however instead of leading to the authentic web9You are strongly advised to be extremely careful when dealing with the providersof goods and services over the net. According to European legislation, thesuppliers of goods and services online need to provide easy, direct and permanentaccess to the information such as:• name and contact information (geographic address, e-mail),• trade register (in Slovenia this is Business register), in which the company isregistered, and identification code from this register,• information about the competent supervisory body if the activities of thecompany are subject to an authorisation scheme,• identification number of the service provider engaged in activities that aresubject to VAT.