Customer Data & Online Shopping Security
When SHEIN customers create accounts, this personal information like addresses and phone numbers must be protected from hackers who want to steal identities
What is customer personal information (or PII - Personally Identifiable Information)
SHEIN works with thousands of suppliers worldwide, and if one supplier gets hacked, it could expose this type of business information about upcoming products
What is confidential business information (or trade secrets)
SHEIN employees should never share these login credentials with coworkers, even if they're trying to be helpful
What are passwords (or login information)
SHEIN processes millions of these transactions daily, making it crucial to protect customer financial information during checkout
What are credit card transactions (or online payments)
SHEIN's social media accounts have millions of followers, so if they get hacked, criminals could post fake sales or links to malicious websites—this is called what?
What is account takeover (or social media hijacking)
SHEIN stores millions of these payment details from customers, making the company a attractive target for cybercriminals looking to make fraudulent purchases
What are credit card numbers (or payment information)
When SHEIN shares product designs and specifications with manufacturers, they should use this type of secure method instead of regular email
What is encrypted communication (or secure file sharing)
If a SHEIN employee receives an email claiming to be from the CEO asking for confidential sales data, they should do this before responding
What is verify the request (or confirm with the CEO directly)
When customers see this small lock icon next to SHEIN's website address, it means their payment information is being protected during transmission
What is the security lock (or HTTPS security)
When SHEIN influencers and brand ambassadors post about products, they should be careful not to accidentally share these types of behind-the-scenes business details
What is confidential information (or internal business information)
If SHEIN's website gets hacked and customer passwords are stolen, customers should immediately do this to protect their accounts
What is change their passwords
If a SHEIN supplier's email gets hacked, criminals might send fake invoices asking SHEIN to pay money to the wrong bank account—this is called what type of fraud?
What is invoice fraud (or business email compromise)
When SHEIN employees work from home, they should make sure to do this to their computer screen when stepping away, even for a few minutes
What is lock their screen
If SHEIN's payment system gets breached, the company must quickly do this to inform customers that their financial information might be at risk
What is notify customers (or send breach notifications)
If someone creates a fake SHEIN social media account to scam customers, this is called what type of impersonation?
What is brand impersonation (or impersonation fraud)
When customers shop on SHEIN's mobile app, this type of connection should be used instead of public Wi-Fi to keep their information safe
What is a secure/private network connection
SHEIN should require suppliers to follow these types of security standards to protect shared information—like having rules for how to handle sensitive data
What are security policies (or data protection requirements)
SHEIN employees should be extra careful about posting these types of photos on social media that might accidentally show confidential business information
What are workplace photos (or photos of computer screens/documents)
SHEIN should never store these three or four digit codes from the back of credit cards, as they're meant for one-time verification only
What are CVV codes (or security codes)
SHEIN should regularly monitor social media for fake accounts pretending to be the company, as these could be used for this type of criminal activity
What are scams (or fraud)
SHEIN must follow these types of laws, like GDPR in Europe, that protect how customer personal information is collected and used
What are privacy laws (or data protection regulations)
Before working with new suppliers, SHEIN should do this type of check to make sure they have good security practices—like a background check for companies
What is a security assessment (or vendor security review)
If a SHEIN employee suspects their work computer has been infected with malware, they should immediately do this to prevent it from spreading
What is disconnect from the network (or report to IT)
This type of fraud occurs when criminals use stolen credit card information to make fake purchases on SHEIN's website
What is credit card fraud (or fraudulent transactions)
When SHEIN runs social media contests asking customers to share personal information, they must be careful to protect this data according to privacy laws
What is customer personal data (or contest entry information)