Criminal gangs have been hitting e-commerce sites hard lately by injecting their malicious code to "skim" customers' payment card details. In a recent twist, Malwarebytes spotted a malicious iFrame that steps in front of the normal payment process to intercept card details.
Script-based payment card malware continues its successful run, impacting a range of e-commerce sites, security researchers warn. With fraudsters continuing to refine their tactics, countering card-sniffing scripts continues to be difficult.
Fifty-four percent of survey respondents say their institutions' digital authentication measures are average or below when compared to their peers. And 55 percent rate themselves at average or below when it comes to their institution's current ability to apply the right amount of security to the right transactions at...
Identity and access management is more complicated when organizations rely on a cloud infrastructure, says Brandon Swafford, CISO at Waterbury, Connecticut-based Webster Bank, who describes the challenges in an interview.
Just days after Drupal warned of a "highly critical" flaw in its web services modules, hackers came calling, exploiting the content management system vulnerability to install cryptocurrency miners and other malicious software on sites, security experts warn.
The notorious carder site Joker's Stash is featuring a fresh batch of Pakistani banks' payment card data with an estimated street value of $3.5 million. Nearly all of the 70,000 bank cards are advertised as being from Meezan Bank, the country's largest Islamic bank, Group-IB reports.
This Valentine's Day, authorities are once again warning individuals to watch out for anyone perpetrating romance scams. The FTC says Americans lost $143 million to romance scams in 2017, while in the U.K., Action Fraud says reported romance scam losses in 2018 topped $64 million.
Banks need to work toward improving collaboration between their cybersecurity and fraud management departments to boost efforts to mitigate cyberthreats, say Scott Walters and Eric Reddel of the consultancy Booz Allen Hamilton.
Identity theft is the fastest growing crime in the US. Globally, 1 in 60 online transactions are fraudulent. And if you don't know who your customers are, you can't onboard them to your platform.
Though businesses are moving online, their identity verification and KYC processes haven't. Instead, the old processes...
In 2018, the Identity Theft Resource Center counted 1,244 U.S. data breaches - involving the likes of Facebook, Marriott and Exactis - that exposed 447 million sensitive records, such as Social Security numbers, medical diagnoses and payment card data.
The State Bank of India, the nation's largest bank, is investigating an apparent data leak that reportedly exposed information on millions of its customers. Security experts are calling on all banks to improve their server management practices.
As part of its ongoing push toward cashless payments, India is taking steps to ramp up the use of contactless payments, which are already becoming more common in Japan, South Korea, Australia, the U.K. and the U.S. What can be done to balance security vs. convenience?
Banks in West Africa have been targeted by at least four hacking campaigns since mid-2017, with online attackers wielding commoditized attack tools and "living off the land" tactics to disguise their efforts, Symantec warns.
Although the Reserve Bank of India mandated that banks complete the shift from magnetic stripe debit and credit cards to EMV chip-and-PIN cards by Jan. 1 to help reduce fraud, there's still plenty of work to be done.
Hackers have been plugging inexpensive hardware into banks' local area networks to help perpetrate heists that have stolen tens of millions of dollars, warns Kaspersky Lab. It says that since 2017, the "DarkVishnya" attack campaign has hit at least eight Eastern European banks.