On The Web

nbsp;

Risk & Fraud

Interac: One Phish to Phish Them All

September 14 2018

• in
• Account takeover

“I recently had the pleasure of bumping into some of my Canadian friends at a Law Enforcement conference.  So when I saw someone mention a “National Bank of Canada” phish, I thought I would pull on the string a bit and see if it was actually an “Interac” phish.   Interac is a system for easily […]

nbsp;

Risk & Fraud

Securing Omnichannel Experiences from Cross-Channel Fraud

September 14 2018

• in
• Payments fraud

“With cross-channel fraud, a fraudster steals personal information about a user from one channel, and then uses that information to commit fraud in another. Here’s an example. Fraudsters frequently use social engineering scams to trick a user into granting access to an online account, like a banking account. Once in, the fraudster has easy access to […]

nbsp;

Risk & Fraud

HOW HACKERS SLIPPED BY BRITISH AIRWAYS’ DEFENSES

September 12 2018

• in
• Ecommerce fraud

“ON FRIDAY, BRITISH Airways disclosed a data breach impacting customer information from roughly 380,000 booking transactions made between August 21 and September 5 of this year. The company said that names, addresses, email addresses, and sensitive payment card details were all compromised. Now, researchers from the threat detection firm RiskIQ have shed new light on how the attackers […]

nbsp;

Risk & Fraud

British Airways site had credit card skimming code injected

September 11 2018

• in
• Card fraud

“The 22 lines of code are targeted to export the data entered in the BA website’s payment form to the malicious server when the “submit” button was clicked by a customer, with the data being sent as a JSON object. As a result, the transaction would go through for the customer without any errors, while […]

nbsp;

Risk & Fraud

UK government and banks plan anti-fraud initiative

September 17 2018

• in
• Payments fraud

“According to the Daily Telegraph, ministers have become increasingly concerned about the impact of fraud in recent months, with attacks on more than 1,300 TSB customers after the bank’s IT meltdown in April. The bank’s chief executive Paul Pester stepped down earlier this month.”

nbsp;

Risk & Fraud

GovPayNow.com Leaks 14M+ Records

September 18 2018

• in
• Data breach

“Government Payment Service Inc. — a company used by thousands of U.S. state and local governments to accept online payments for everything from traffic citations and licensing fees to bail payments and court-ordered fines — has leaked more than 14 million customer records dating back at least six years, including names, addresses, phone numbers and the […]

nbsp;

Risk & Fraud

Crypto Exchange Zaif Hacked In $60 Million, 6,000 Bitcoin Theft

September 20 2018

• in
• Cryptocurrency fraud

“Yet another Japan-based cryptocurrency exchange has been hacked, losing a 6.7 billion yen (about $60 million worth of cryptocurrency), including 5,966 bitcoins. The licensed exchange, called Zaif, is operated by the Tech Bureau. It said on Thursday that the exchange first noticed an unusual outflow of funds on the platform around 17:00 Japan time on September 14, […]

nbsp;

Risk & Fraud

Danske Bank CEO quits over $234 billion money laundering scandal

September 20 2018

• in
• Money laundering

“Danske Bank’s (DANSKE.CO) chief executive Thomas Borgen resigned on Wednesday after an investigation revealed payments totaling 200 billion euros ($234 billion) through its small Estonian branch, many of which the bank said were suspicious.”

nbsp;

Risk & Fraud

Hackers stole customer credit cards in Newegg data breach

September 19 2018

• in
• Data breach

“Hackers injected 15 lines of card skimming code on the online retailer’s payments page which remained for more than a month between August 14 and September 18, Yonathan Klijnsma, a threat researcher at RiskIQ, told TechCrunch. The code siphoned off credit card data from unsuspecting customers to a server controlled by the hackers with a […]

nbsp;

Companies

Equifax fined by ICO over data breach that hit Britons

September 20 2018

• in
• Data breach
• Equifax
• UK

“Credit rating agency Equifax is to be fined £500,000 by the Information Commissioner’s Office (ICO) after it failed to protect the personal data of 15 million Britons. A 2017 cyber-attack exposed information belonging to 146 million people around the world, mostly in the US.”