Payment Card Skimming Resurfaces with an Internet Twist

This article has been indexed from

CySecurity News – Latest Information Security and Hacking Incidents

 

Card skimming has existed prior to the mainstream internet and is experiencing a revival as financial fraudsters recognise new potential to combine physical world data theft with online intrusion to steal even more money and information than ever. Only a week ago, it was announced that over 500 online retail sites were victims of a large “card skimming” incident, in which threat actors placed a device that allowed them to duplicate and steal the data from valid debit and credit cards as they were used for purchases. 
Card skimming fraudsters used to implant a physical device into ATMs or payment terminals to steal information from genuine consumers’ payment cards. Nowadays, since online shopping is more popular than ever, cyber thieves are utilising malware placed into the checkout pages of online commerce sites to acquire credit card information, which they can then resell or use in their own nefarious schemes. 
Sansec, a malware and vulnerability detection firm that works with over 7,000 online retailers, was among the first to notice this fraudulent card skimming activity earlier this month. The vendor proposes “cleaning” the affected retail sites in order to remove the harmful code, but experts fear that these cyber-skimmers may just shift their strategy and look for “backdoors” through which they can implement their viruses. 
Many of these new card-skimming attacks, as well as other card information theft tactics where the card is not physically present at the moment of transaction, have been

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.

Read the original article: