Ransomware attacks remain the top cyber-enabled threat seen by law enforcement. But phishing, business email compromises and other types of fraud - many now using a COVID-19 theme - also loom large, Europol warns in its latest Internet Organized Crime Threat Assessment.
While most payment card skimming attacks zero in on ecommerce sites for consumers, a newly discovered attack targeted PlayBack Now, an online video conferencing firm, Malwarebytes reports.
The COVID-19 pandemic has shifted the dynamic of card fraud in favor of the fraudsters due to the massive increase of online transactions, says Andrei Barysevich of the fraud intelligence company Gemini Advisory. And many fraudsters are using more sophisticated tools, including anti-fingerprinting technology.
Virtual payment cards being tested in Europe and the United States could help mitigate the risk of merchant fraud, says Rui Carvalho of the nonprofit European Association for Secure Transactions.
The shift to online shopping - and card-not-present transactions - during the COVID-19 pandemic has driven fraudsters to shift their strategies, including ramping up efforts to open fraudulent accounts, says Gord Jamieson of Visa, who offers advice on mitigating the risks.
Russian criminals operating online who want to stay out of jail need only to follow a few simple rules, the primary one being: Never target Russians. So it's surprising that security researchers have uncovered a new ransomware-wielding gang of Russian speakers that includes Russian victims on its hit list.
From Friday through Monday, malicious JavaScript skimming code was injected into nearly 2,000 e-commerce sites that were running an older version of Adobe's Magento software, possibly resulting in the theft of payment card data, according to Sanguine Security.
Fighting payment fraud requires protecting far more than just payment data, says Sujay Vasudevan, vice president of cyber and intelligence solutions at Mastercard, who describe key steps.
A leaked database compiled by a Chinese company has suddenly become the focus of news media reports warning that it could be used as an espionage instrument by Beijing. But on closer examination, the alleged "social media warfare database" looks like public information largely scraped from social media sites.
Visa's payment fraud disruption team is warning of a recently uncovered digital skimmer called "Baka" that is stealing payment care data from e-commerce sites while hiding from security tools.
A flaw in how contactless cards from Visa - and potentially other issuers - have implemented the EMV protocol can be abused to bypass PIN verification for high-value transactions, ETH Zurich researchers warn. But Visa says the exploits would be "impractical for fraudsters to employ" in real-world attacks.
With apologies to Jay-Z, getting hit with ransomware might make victims feel like they have 99 problems, even if a decryptor ain't one. That's because ransomware-wielding gangs continue to find innovative new ways to extort cryptocurrency from crypto-locking malware victims.
Some payment card fraud detection systems that rely on artificial intelligence are now less effective because of changes in consumers' habits during the COVID-19 pandemic, says Rene Perez of Jack Henry & Associates, who offers insights on needed adjustments.
Some fraudsters are now using the encrypted instant messaging app Telegram as a fast and easy way to steal payment card data from ecommerce sites, according to an analysis from Malwarebytes.
When implementing a cybersecurity risk framework, enterprises should use a structured approach to identity and evaluate and manage the risks posed by increased digital transactions during the pandemic, says Dmitry Chernetsky, global presales expert, Kaspersky-APAC.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.