Online Skimming — The Emerging Payment Card Fraud

 

In today’s world, where data holds immense value, cyber threats are becoming increasingly prevalent. Despite many organizations enhancing their security measures to protect sensitive information, hackers still manage to exploit minor vulnerabilities, turning them into significant breaches.

The Rise of Online Skimming

A new form of internet card fraud, known as Online/Web-based/Digital Skimming, is on the rise. This fraudulent activity involves stealing payment data during Card-Not-Present (CNP) transactions on e-commerce sites. Reports indicate that these attacks exploit misconfigured networks and use brute force tactics.

PCI SSC’s Recent Bulletin

The Payment Card Industry Security Standards Council (PCI SSC) recently issued a bulletin alerting e-commerce merchants and service providers about the growing threat of online card fraud. The bulletin highlights the severity of the threat and provides guidance on preventive measures.

Understanding Online Skimming

Online skimming, a term familiar to cybersecurity experts since 2015, has evolved from targeting physical ATMs to focusing on CNP transactions on e-commerce sites. Hackers inject malicious code into websites, making it challenging to detect and remove. This code captures payment information such as billing addresses, CVV2, PAN, and card expiration dates during transactions without the knowledge of customers or service providers.

The Role of Magecart

Magecart refers to various groups of cybercriminals that perform different types of skimming attacks. These groups compete with each other to steal and sell data on the dark web. They target the payment application infrastructure provided by third-party service providers to e-commerce merchants.

How Online Skimmers Operate

Hackers typically start by compromising the Content Delivery Network (CDN) implementations of service providers, injecting JavaScript sniffers used by merchants to facilitate payment transactions. These sniffers collect sensitive payment information entered by customers during purchases. A study by VISA’s Payment Fraud Disruption (PFD) and e-commerce Threat Disruption (eTD) found that attackers use the same infrastructure for multiple attacks, targeting service providers hosting code across several CDNs.

The Scale of the Threat

In July 2019, it was reported that 17,000 domains, integrated with initially targeted 8 web-based service providers in April 2019, were compromised. Attackers used two primary methods to exploit CDNs: leveraging common vulnerabilities such as misconfigurations and conducting brute force attacks. The payload, known as the inter digital skimming kit, used in these attacks is widely available on the dark web.

Preventive Measures

Online skimming attacks serve as a warning to service providers and merchants. To counter these threats, organizations must adopt several preventive measures:

  1. Regular Code Reviews: Frequently inspect your code for any vulnerabilities.
  2. Update Login Credentials: Ensure credentials are regularly updated.
  3. Proper CDN Configuration: Securely configure CDNs and restrict access.
  4. Consistent Configurations: Use a single, secure configuration for all implementations to avoid inconsistencies.
  5. Penetration Testing and Regular Patching: Conduct penetration tests and regularly apply patches to identify and close security gaps.
  6. Multi-layered Security Systems: Implement multiple layers of security to enhance protection.
  7. Checkout Solutions: Use redirect checkout solutions, allowing customers to enter payment information on a secure page separate from the main e-commerce site.

Conclusion

E-commerce merchants must adhere to best security practices and comply with PCI guidelines to mitigate the risks associated with online skimming. The consequences of data breaches can be severe, making proactive security measures essential in safeguarding against these evolving cyber threats.

Comments

Post a Comment

Popular posts from this blog

The importance of 3D Secure for payments data security

Image
  In the rapidly evolving landscape of online transactions, the keyword of the hour is undoubtedly “ data security .” With the surge in online shopping, the imperative for robust payment data security programs has become more pronounced than ever. One such measure at the forefront of this battle is the 3D Secure (3DS) protocol, an authentication mechanism designed to fortify the security of online card transactions. Also recognized as Payer authentication, 3D Secure acts as a sentinel, scrutinizing and verifying the identity of the cardholder through an additional layer of authentication. This involves the cardholder entering a password or a one-time code sent via text message or email. The significance of this extra step cannot be overstated — it serves as a formidable deterrent against unauthorized transactions, substantially reducing the risk of fraud and instilling confidence in both merchants and customers engaging in online transactions. The three domains of 3DS — the Issuer ...
Read more

4 types of cyber threat hunting tools

Image
  Cyber threat   hunting is a vital proactive approach to cybersecurity, essential for identifying potential threats and intrusions within organizational networks. Unlike traditional reactive measures, this process involves actively searching for indicators of compromise (IoCs), advanced persistent threats (APTs), and emerging attack vectors that may be lurking undetected within a system. The effectiveness of threat hunting hinges on a well-structured process that involves planning, baselining, testing, and the use of automated tools. The foundation of threat hunting lies in meticulous planning and hypothesis formulation by experienced  cybersecurity  professionals. They employ various methodologies to create strategies for uncovering potential threats, baselining normal system behavior, and then testing these hypotheses. Automation tools play a crucial role, assisting in threat analysis by identifying suspicious patterns and relationships on a large scale. Several c...
Read more

Forget everything else. This is how Intelligent Automation will reimagine businesses in 2024

Image
  The year 2024 is poised to be a pivotal one for intelligent automation. As businesses navigate a complex economic landscape, the need for efficient, adaptable, and intelligent solutions has never been greater. With macro-economic projections set to continue from where they left off in 2023, optimization is set to be a key focus area. This article delves into the key trends shaping intelligent automation in 2024, exploring how these advancements will transform the way we work and live. But first, what exactly is intelligent automation? IPA is the cool kid in the automation playground. It’s not going to listen to you or do things just because someone said so. It’s got AI smarts to analyze data, make decisions, and even learn from its mistakes. Think of it as a robot Yoda, guiding other robots on the path to automation enlightenment. Sure, it’s constantly under training, but its ability to learn, adapt, and evolve is limitless. Like a self-driving car that can brew your morning coff...
Read more