Skimming data from online shoppers

A new Verizon Data Breach Investigation Report (DBIR) means it’s time to look and evaluate the state of data security across industries.

Almost 4,000 data breaches were examined, and to be honest, there are very few surprises in my opinion.  A lot of the data reaffirms what we’ve long known and always hear.  Causes like insider threats and human error continue to dominate, the latter of which has pinnacled to its highest level.  Around 68% of reported breaches have some type of credential stealing behind them, whether unwitting internal error or malicious phishing attacks, which are all the more prevalent during this pandemic.

More than half of the breaches, meanwhile, involve the theft of personal data like names, emails and Social Security numbers.  And 86% were financially motivated.

In all, this data paints a fairly predictable picture.  Hackers are savvy as ever and know how to adapt to new scenarios to suit their purposes.  For example, people are obviously shopping more online due to COVID-19, with many brick-and-mortar locations closed either temporarily or for good.  In fact, US retail sales surged almost 20% in May, and much of that is online.  Cyber criminals recently exploited this trend to install a credit card skimmer on the website of the retail company Claire’s.  In late April, malicious code was injected into the accessory store’s e-commerce platform.  The goal was to send submitted customer information to a false domain name, claires-assets.com, which had been created only a day after Claire’s physical stores had been closed on March 20.  So clearly, the hackers were on top of the situation here.

How they were able to pull this off is still unknown, but whatever the case, the infamous skimmer known as Magecart was attached to Claire’s online checkout form so it could exfiltrate payment card data over to the fake server.  Previously, Magecart had been used to attack British Airways and Newegg.  “Payment card-skimming malware continues to be a security challenge for retailers around the globe,” says Raif Mehmen, EMEA VP at Bitglass.

Anyway, it’s more credential theft, like the DBIR said.  As more entities report on their security incidents, following the mandates of laws like GDPR, these numbers will probably rise simply as a matter of course.  Businesses and government agencies should take extra care during this period to examine and shore up their online platforms.  Mass migrations of people will come there, which means the cyber thieves will tag along in even greater numbers.


By: Jonathan Weicher, post on June 17, 2020
Originally published at: http://www.netlibsecurity.com
Copyright: NetLib Security