HomeRisk ManagementsMalwarebytes Warns of Credit Card Skimming Surge on Black Friday

Malwarebytes Warns of Credit Card Skimming Surge on Black Friday

Published on

spot_img

Black Friday and Cyber Monday are fast approaching, and concerns about credit card skimming are on the rise. Malwarebytes, an anti-malware provider, has issued a warning about the potential increase in this type of identity theft in the coming weeks. According to a post by Malwarebytes Labs on November 14, 2023, criminals are expected to step up their efforts to steal credit card information from ATMs, payment terminals, and compromised websites.

One specific credit card skimming campaign, known as Kritec, has gained momentum in recent months. Kritec is a type of skimmer that was first identified by Akamai in March 2023 and attributed to Magecart, a group of hackers that uses online skimming techniques to steal personal data from websites. Malwarebytes has observed several differences from previous Magecart skimming campaigns and attributed them to a different threat actor named Kritec. This malicious JavaScript code is injected into legitimate websites, particularly those using the Magento e-commerce platform, and hides within the Google Tag Manager script, making it challenging for security solutions to detect. When a customer enters their credit card information on the checkout page, Kritec steals the information and sends it to a remote server controlled by the attackers.

According to Malwarebytes researchers, the threat actors behind the Kritec campaign have gone to great lengths to customize their skimmer for each victim site, using convincing templates that are even localized in several languages. This has made the skimming process seamless and practically undetectable for online shoppers. The infrastructure for this campaign is located on the IT WEB LTD network, registered in the British Virgin Islands.

The Kritec skimming campaign experienced a surge in activity in October, following a period of reduced activity during the summer. The threat actors behind this campaign have adapted their tactics to target the holiday shopping season, hoping to capitalize on the increased volume of online transactions during this time.

As consumers gear up for the holiday shopping rush, it is essential to remain vigilant and take precautions to protect personal and financial information. Malwarebytes advises individuals to be wary of entering credit card details on unfamiliar or compromised websites, as well as to regularly monitor their bank and credit card statements for any unauthorized transactions. Additionally, organizations that operate e-commerce platforms should ensure that their websites are regularly scanned for potential security vulnerabilities and that appropriate measures are in place to detect and mitigate any malicious activity.

With the rise of credit card skimming and other forms of cyber threats, it is crucial for both consumers and businesses to stay informed and proactive in safeguarding against potential security risks. By remaining vigilant and staying informed about the latest threats, individuals and organizations can reduce the likelihood of falling victim to cybercriminals and protect their sensitive information from unauthorized access and exploitation.

Source link

Latest articles

NCSC Implements Important Updates after IPAC Evaluation of Cyber Threats – Source:cyble.com

In New Zealand, the Government Communications Security Bureau (GCSB) has taken significant steps to...

Finland Detains Tanker Believed to Have Damaged Undersea Cables

Finnish authorities took action on Thursday by boarding an oil tanker suspected of causing...

Elderly man loses Rs 25L in cyber fraud scam in Ranip

An elderly man from Rashtradeep Society, Ranip, fell victim to a sophisticated cyber fraud...

Exploring Hacker Forums Reveals Key Details about Space Cyber Attacks

Recent cyberattacks targeting the space sector have raised concerns within the international community, particularly...

More like this

NCSC Implements Important Updates after IPAC Evaluation of Cyber Threats – Source:cyble.com

In New Zealand, the Government Communications Security Bureau (GCSB) has taken significant steps to...

Finland Detains Tanker Believed to Have Damaged Undersea Cables

Finnish authorities took action on Thursday by boarding an oil tanker suspected of causing...

Elderly man loses Rs 25L in cyber fraud scam in Ranip

An elderly man from Rashtradeep Society, Ranip, fell victim to a sophisticated cyber fraud...