Wednesday 3 December 08 - 03:49
 

Business Matters

Locking up the Online Shop

While a traditional retailer has to be on guard against stolen credit cards, a trader involved in e-commerce has to be aware of stolen identities, warns Gareth Price

Measured on a weekly basis, the number of attempts to obtain credit card details and other personal information on the internet almost doubled between October 2004 and January 2005 alone.

With many of these details later being used to make purchases on the internet, the danger to online retailers is very real.

As a retailer, you can protect against potential credit card fraud by using one of the many commercially-available fraud screening applications. In effect, these reinforce existing card authorisation systems, enabling businesses to screen internet transactions by calculating a risk score in real time.

The score is calculated by checking factors such as whether the delivery address is the same as the billing address and whether either matches up with the location of the customer's IP address, which identifies every computer on the Internet.

Similarly, if a customer registers with an email address from a web-based provider like Hotmail or Yahoo, this will affect the score, as it may have been done for the sake of anonymity.
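The checks described above, combined into a single score, as an added example (not code from the article or from any screening product). The weights, review threshold, field names and sample orders are assumptions made for illustration, and the IP country is assumed to come from a separate geolocation lookup.

```python
from dataclasses import dataclass

# Assumed weights and threshold, chosen for illustration only; commercial
# screening products tune their own values.
WEIGHTS = {"address_mismatch": 30, "ip_billing_mismatch": 25,
           "ip_delivery_mismatch": 15, "webmail_address": 10}
REVIEW_THRESHOLD = 40
WEBMAIL_DOMAINS = {"hotmail.com", "yahoo.com"}  # the providers the article names

@dataclass
class Order:
    billing_address: str
    billing_country: str
    delivery_address: str
    delivery_country: str
    ip_country: str   # assumed to come from a separate IP-geolocation lookup
    email: str

def _norm(text):
    """Collapse case, punctuation and spacing so trivial differences match."""
    return " ".join("".join(c if c.isalnum() else " " for c in text.lower()).split())

def risk_factors(order):
    """Return the names of the risk factors that fire for this order."""
    fired = []
    if _norm(order.billing_address) != _norm(order.delivery_address):
        fired.append("address_mismatch")
    ip = order.ip_country.strip().upper()
    if ip != order.billing_country.strip().upper():
        fired.append("ip_billing_mismatch")
    if ip != order.delivery_country.strip().upper():
        fired.append("ip_delivery_mismatch")
    domain = order.email.rsplit("@", 1)[-1].strip().lower()
    if domain in WEBMAIL_DOMAINS:
        fired.append("webmail_address")
    return fired

def screen(order):
    """Score an order and decide whether to hold it for manual review."""
    fired = risk_factors(order)
    score = sum(WEIGHTS[f] for f in fired)
    return score, fired, "review" if score >= REVIEW_THRESHOLD else "accept"

# Constructed sample orders (not real customer data).
ROUTINE = Order("12 High St, Leeds", "GB", "12 high st  leeds", "GB", "GB",
                "j.smith@example.co.uk")
SUSPECT = Order("12 High St, Leeds", "GB", "PO Box 9, Anytown", "US", "RO",
                "buyer99@Hotmail.com")
```

A webmail address alone scores 10 and is accepted, which matches the article's point that it only affects the score rather than deciding the outcome.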

In addition, credit card companies themselves are adopting payer-authentication solutions which take the burden of verification away from retailers by offering them online payment guarantees.

Both Mastercard and Visa offer schemes that enable cardholders to assign a password to their card to use each time an online purchase is made.

The increasingly sophisticated nature of computer viruses makes them another of the greatest threats. Protect yourself from the consequences of a virus by regularly updating your firewall and meticulously backing up your system to help minimise any loss. Even if your system continues to function, vital information could be lost or corrupted.

Virus protection software is widely available and easy to manage, but as viruses change all the time, it is essential that it is regularly updated to cope with any new threat.

Newer, more sophisticated viruses pose the greatest threat. One of the most worrying developments for e-commerce companies is the rapid increase in "phishing".

Personal information

Phishing fools customers into revealing personal information such as credit card numbers, usernames and passwords.

Typically, e-mails are sent requesting the information and providing a link to an imitation of a website where the victim unknowingly divulges the details. The bank accounts are then hijacked, cards are duplicated and identities stolen.

Because the e-mails are sent to tens of thousands of people, even a small success rate becomes a big problem. It's important, therefore, to keep your customers updated about possible risks and to offer general advice about internet fraud, perhaps on the home page of your site.

In extreme cases, trojan viruses are often automatically downloaded from these sites. They secretly log keystrokes or take screenshots of the login process when a consumer visits a genuine site in the future. The trojan then captures account details and sends them to the criminals.

The internet also attracts hackers, or those who enjoy the challenge of attempting to access computer systems and information by looking for weak spots and then exploiting them. Over the past few years there have been countless examples of companies discovering their website security is fatally flawed or at risk.

Don't just assume it won't happen to your company, as hacking is on the increase.

A favourite weapon of hackers is the "denial of service" attack, which occurs when a system either cannot cope with a high volume of requests and fails or slows its processing down so that a legitimate customer is unable to get a fast enough response when loading a web page.

Attacks tend to be on firms reliant on e-commerce, so have the potential to impact customer confidence.

Sometimes the damage is obvious, with a website vandalised, altered or damaged.

More serious in the long term, however, is the fact that files can be copied and taken without the knowledge of the company. In some cases, companies have even received a threatening e-mail from hackers warning that their very web presence is in jeopardy if they don't pay a ransom.

Whatever the damage, the loss of e-business, and perhaps even confidential customer information like credit card details, will inevitably lead to damage to your reputation and perhaps even expose you to claims for negligence and compensation.

Plan for recovery

So, plan for recovery before the worst happens, ensuring that you have measures in place to repair any damage to your reputation as a retailer.

A firewall, sitting between your internet access and your network, is vital. Intrusion detection systems are also available that alert you to anyone entering or testing your defences, though they have to be regularly updated.

It's also important that you test your system regularly for weakness.

The main thing to remember about hacking is that the problem is a dynamic one. As soon as your defences are updated, hackers can find a way around them, so software to prevent hacking must be maintained very frequently.

Other, simpler steps can be taken to minimise the risk of internet fraud. Give consideration to using less commonly used software. Most internet fraud has the most commonly used software in its sights, such as Outlook and Internet Explorer.

Be particularly aware of any programs other than e-mail and web browsers that may be connected to the internet, especially instant messaging applications, which allow text, voice, and video communication and file transfer.

Employee education is also important. No matter how good your policies and procedures are, employees can be the weakest link. Staff are often not averse to downloading unsafe programs onto their office computers, having disabled the security systems designed to protect them.

Few victims of internet fraud think about approaching the police, although increasingly there are dedicated resources for handling such enquiries.

All retailers need to be aware of the potential risks of dealing online. If you discover that the security of your e-commerce site has been compromised, it's important to act swiftly. What your company says and does in the first 24 hours after an attack will communicate to your customers what kind of business you are running.

Gareth Price is a freelance writer specialising in finance, business, management and technology

Useful contacts

Fraud screening - Streamline: www.streamline.com/Already_a_customer/Additional_products_&_services/Fraud_screening/default.htm

Card providers applications - Mastercard SecureCode: www.mastercardmerchant.com/securecode/getstarted.html Verified by Visa: www.visaeurope.com/acceptingvisa/verifiedbyvisa.html

Managed email security services - Vitanium Systems: www.4frontmedia.net/vvps/ Corpex: www.armourplate.com/about/default.asp

Anti-virus & firewall software - Symantec: www.symantec.com/index.htm McAfee: www.mcafee.com/uk/default.asp

Alternative, safer, software - Eudora Mail: www.eudora.com/ Firefox Browser: www.mozilla.org/products/firefox/

To report incidents of fraud - www.antiphishing.org/
