While most payment card skimming attacks zero in on ecommerce sites for consumers, a newly discovered attack targeted PlayBack Now, an online video conferencing firm, Malwarebytes reports.
The COVID-19 pandemic has shifted the dynamic of card fraud in favor of the fraudsters due to the massive increase of online transactions, says Andrei Barysevich of the fraud intelligence company Gemini Advisory. And many fraudsters are using more sophisticated tools, including anti-fingerprinting technology.
Virtual payment cards being tested in Europe and the United States could help mitigate the risk of merchant fraud, says Rui Carvalho of the nonprofit European Association for Secure Transactions.
The shift to online shopping - and card-not-present transactions - during the COVID-19 pandemic has driven fraudsters to shift their strategies, including ramping up efforts to open fraudulent accounts, says Gord Jamieson of Visa, who offers advice on mitigating the risks.
From Friday through Monday, malicious JavaScript skimming code was injected into nearly 2,000 e-commerce sites that were running an older version of Adobe's Magento software, possibly resulting in the theft of payment card data, according to Sanguine Security.
Fighting payment fraud requires protecting far more than just payment data, says Sujay Vasudevan, vice president of cyber and intelligence solutions at Mastercard, who describe key steps.
A flaw in how contactless cards from Visa - and potentially other issuers - have implemented the EMV protocol can be abused to bypass PIN verification for high-value transactions, ETH Zurich researchers warn. But Visa says the exploits would be "impractical for fraudsters to employ" in real-world attacks.
Some payment card fraud detection systems that rely on artificial intelligence are now less effective because of changes in consumers' habits during the COVID-19 pandemic, says Rene Perez of Jack Henry & Associates, who offers insights on needed adjustments.
Some fraudsters are now using the encrypted instant messaging app Telegram as a fast and easy way to steal payment card data from ecommerce sites, according to an analysis from Malwarebytes.
When implementing a cybersecurity risk framework, enterprises should use a structured approach to identity and evaluate and manage the risks posed by increased digital transactions during the pandemic, says Dmitry Chernetsky, global presales expert, Kaspersky-APAC.
The COVID-19 pandemic has led to changes in the way payments are made. David Lott of the Federal Reserve Bank of Atlanta discusses how fraudsters are adapting to the changing landscape.
The IcedID banking Trojan has been updated with additional evasion techniques, including a password-protected attachment, keyword obfuscation and a DLL file that acts as a second-stage downloader, according to Juniper Threat Labs.
Chaos ensued when miscreants interrupted a virtual bail hearing on Wednesday for the suspected Twitter hacker, hijacking the feed with screams, chatter and, for a few brief seconds, pornography. The meeting details were public, and the meeting had not been password protected.
A member of the infamous Infraud Organization who was the creator of a malware strain called FastPOS has pleaded guilty to a federal conspiracy charge. Valerian Chiochiu assisted other cybercriminals through the Infraud site before authorities shuttered it in 2018, prosecutors say.
The latest edition of the ISMG Security Report analyzes the hacking of Dave, a mobile banking app. Plus: Sizing up the impact of GDPR after two years of enforcement and an assessment of IIoT vulnerabilities.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing paymentsecurity.io, you agree to our use of cookies.