Black Friday and Cyber Monday are fast approaching, and concerns about credit card skimming are on the rise. Malwarebytes, an anti-malware provider, has issued a warning about the potential increase in this type of identity theft in the coming weeks. According to a post by Malwarebytes Labs on November 14, 2023, criminals are expected to step up their efforts to steal credit card information from ATMs, payment terminals, and compromised websites.
According to Malwarebytes researchers, the threat actors behind the Kritec campaign have gone to great lengths to customize their skimmer for each victim site, using convincing templates that are even localized in several languages. This has made the skimming process seamless and practically undetectable for online shoppers. The infrastructure for this campaign is located on the IT WEB LTD network, registered in the British Virgin Islands.
The Kritec skimming campaign experienced a surge in activity in October, following a period of reduced activity during the summer. The threat actors behind this campaign have adapted their tactics to target the holiday shopping season, hoping to capitalize on the increased volume of online transactions during this time.
As consumers gear up for the holiday shopping rush, it is essential to remain vigilant and take precautions to protect personal and financial information. Malwarebytes advises individuals to be wary of entering credit card details on unfamiliar or compromised websites, as well as to regularly monitor their bank and credit card statements for any unauthorized transactions. Additionally, organizations that operate e-commerce platforms should ensure that their websites are regularly scanned for potential security vulnerabilities and that appropriate measures are in place to detect and mitigate any malicious activity.
With the rise of credit card skimming and other forms of cyber threats, it is crucial for both consumers and businesses to stay informed and proactive in safeguarding against potential security risks. By remaining vigilant and staying informed about the latest threats, individuals and organizations can reduce the likelihood of falling victim to cybercriminals and protect their sensitive information from unauthorized access and exploitation.