Payments News

On The Web

nbsp;

Risk

2018 Payment Security Report

“Lack of sustainable control environments remains a top contributor and precursor to ineffective controls, which in turn become susceptible to data breaches. Organizations achieve sustainable PCI Security compliance when they demonstrate a consistent capability to maintain ongoing operation of all required security controls within their compliance environment.”
nbsp;

Risk

Interac: One Phish to Phish Them All

“I recently had the pleasure of bumping into some of my Canadian friends at a Law Enforcement conference.  So when I saw someone mention a “National Bank of Canada” phish, I thought I would pull on the string a bit and see if it was actually an “Interac” phish.   Interac is a system for easily […]
nbsp;

Risk

What Cyber-War Will Look Like

“In a report Cancian wrote for the Center for Strategic and International Studies on how great powers adapt to tactical and strategic surprise, Cancian sketched out twelve “vignettes” of potential technological or strategic shocks to make his abstract points a bit more concrete. “
nbsp;

Risk

Retailers Were Inundated With 10 Billion Credential-Stuffing Attempts In Just Eight Months

“In the Web-services provider’s most recent “State of the Internet Security” report released Wednesday, Akamai says criminals like credential stuffingbecause it’s a numbers game. It’s an integral element in taking over a legitimate account to appear as the bona fide customer, thus skirting anti-fraud measures. In credential stuffing, criminals pull data from a database containing valid […]
nbsp;

Risk

What You Need to Know If You E-transfer Money | CBC News

“A system to transfer money online — used over a million times a day in Canada — is not as safe as it advertises, says a Royal Bank customer who had $1,734 stolen during an e-transfer. The theft occurred after Anne Hoover of Peterborough, Ont., e-transferred money from her RBC account to her friend Fran Fearnley, only to have a fraudster intercept […]
nbsp;

Risk

Why Synthetic identity fraud on the rise – The battle is just beginning

“Synthetic identity fraud differs from tradition identity theft in that the perpetrator creates a new synthetic identity rather than stealing an existing one. The process starts with someone stealing real social security numbers that aren’t actively being used — think children and elderly people who use little, if any, credit — and then creating identities by […]

On The Wires

nbsp;

Risk

Identity Spoofing Hits the Jackpot as the Primary Attack Vector on Gaming and Gambling Sites, Reveals New ThreatMetrix Cybercrime Report

“In the second quarter, location spoofing became the fastest growing attack vector in the space, increasing 257% year-on-year. This is due to the availability of more sophisticated location spoofing tools, which fraudsters use to attempt to disguise their true location to launder money. From collusive play and self-excluders, to malicious account takeovers (ATOs), operators must […]
nbsp;

Risk

Account Takeover Attacks Are an Enormous Vulnerability for Which Many Merchants Are Unprepared

“Riskified, the payments and fraud-prevention solutions provider, today released a survey on the effect of Account Takeover (ATO) attacks on eCommerce merchants and customers. ATOs happen when a bad actor gains access to a legitimate customer’s eCommerce store account and uses that account for fraud. The survey shows that ATO attacks have a huge negative […]