This alert may not be shared outside your organization, Do Not Repost or send, place on other websites, List servers, or send to others via email, including other associations or parties. Members and Law enforcement use only. Contact us for any permissions. To do otherwise will result in the loss of membership.
Complete Story
08/01/2019
Two Leading Cybersecurity Organizations Issue Joint Bulletin on Threat of Online Skimming to Payment Security
PCI Security Standards
Washington, D.C., August 1, 2019 – Today the PCI Security Standards Council and the Retail & Hospitality ISAC (https://rhisac.org/) issued a joint bulletin to highlight an emerging threat that requires urgent awareness and attention. The full bulletin can be viewed here.
What is the threat?
A growing threat that all merchants and service providers should be aware of is Web-based or Online Skimming. These attacks infect e-commerce websites with malicious code, known as sniffers or JavaScript (JS) sniffers and are very difficult to detect. Once a website is infected, payment card information is “skimmed” during a transaction without the merchant or consumer being aware that the information has been compromised.
A term sometimes used in the press for this threat is Magecart. Magecart is an umbrella term used by some security researchers to describe several criminal hacking groups who are responsible for various online skimming attacks. The term has also been used to generally identify the type of attack being utilized by the groups. These attacks have been active since 2015 and represent the continuously evolving cyber threat behind several high-profile attacks against international organizations.
Alerts
The FRPA alert system distinguishes us from other groups by gathering and providing information to law enforcement, retailers AND financial institutions.
more information
Resources
Your electronic library to help in fighting financial fraud for all of our partners.
more information