On The Web
nbsp;
“While nearly everyone in the US has had their old magnetic stripe cards replaced with new cards that have a chip, it’s not uncommon to try to pay for something at a brick-and-mortar store with a chip card, only to be asked to swipe the magnetic stripe on the back. That puts a customer at […]
Fallback Fraud Falls as Card Issuers Ramp Up Their Monitoring
“Fallback fraud is an activity that typically comes and goes fairly quickly after a nation converts to EMV chip card payments, but it has stuck around longer than usual in the United States, ACG said. But issuers are getting smarter about identifying and thwarting it, according to Goldman. “They’re looking at dollar amounts, they’re looking at velocity […]
British Airways site had credit card skimming code injected
“The 22 lines of code are targeted to export the data entered in the BA website’s payment form to the malicious server when the “submit” button was clicked by a customer, with the data being sent as a JSON object. As a result, the transaction would go through for the customer without any errors, while […]
Riskified tackles credit card fraud
“Riskified founders CEO Eido Gal and CTO Assaf Feldman told “Globes” that in a world in which the scale of credit card fraud is growing at a dizzying pace, e-commerce websites are often forced to reject credit cards because of the slightest suspicion, even if the customer is as pure as the driven snow. They […]
New Breed of Fuel Pump Skimmer Uses SMS and Bluetooth — Krebs on Security
“Fraud investigators say they’ve uncovered a sophisticated new breed of credit card skimmers being installed at gas pumps that is capable of relaying stolen card data via mobile text message, thereby enabling fraudsters to collect it from anywhere in the world. One interesting component of this criminal innovation is a small cellphone and Bluetooth-enabled device […]
Mastercard Sees Other Banks Ditching Credit Card Numbers Like Apple Did
“First it was the signatures. Now the biggest U.S. banks could be looking to get rid of card numbers, too. This week, Apple Inc. introduced the Mastercard Inc.-branded Apple Card, which won’t have a number on the physical card as a way to improve security in case a customer loses it. That could encourage […]
Breach at Hy-Vee Supermarket Chain Tied to Sale of 5M+ Stolen Credit, Debit Cards — Krebs on Security
“On Tuesday of this week, one of the more popular underground stores peddling credit and debit card data stolen from hacked merchants announced a blockbuster new sale: More than 5.3 million new accounts belonging to cardholders from 35 U.S. states. Multiple sources now tell KrebsOnSecurity that the card data came from compromised gas pumps, coffee […]
Meet Bluetana, the Scourge of Pump Skimmers — Krebs on Security
““Bluetana,” a new mobile app that looks for Bluetooth-based payment card skimmers hidden inside gas pumps, is helping police and state employees more rapidly and accurately locate compromised fuel stations across the nation, a study released this week suggests. Data collected in the course of the investigation also reveals some fascinating details that may help […]
Data: E-Retail Hacks More Lucrative Than Ever — Krebs on Security
“For many years and until quite recently, credit card data stolen from online merchants has been worth far less in the cybercrime underground than cards pilfered from hacked brick-and-mortar stores. But new data suggests that over the past year, the economics of supply-and-demand have helped to double the average price fetched by card-not-present data, meaning […]
American Cancer Society’s Online Store Infected With Credit Card Stealing Malware
“The American Cancer Society’s online store has become the latest victim of credit card-stealing malware. Security researcher Willem de Groot found the malware on the organization’s store website, buried in obfuscated code designed to look like legitimate analytics code. The code was designed to scrape credit card payments from the page, like similar attacks targeting […]