PaymentsJournal
No Result
View All Result
SIGN UP
  • Commercial
  • Credit
  • Debit
  • Digital Assets & Crypto
  • Digital Banking
  • Emerging Payments
  • Fraud & Security
  • Merchant
  • Prepaid
PaymentsJournal
  • Commercial
  • Credit
  • Debit
  • Digital Assets & Crypto
  • Digital Banking
  • Emerging Payments
  • Fraud & Security
  • Merchant
  • Prepaid
No Result
View All Result
PaymentsJournal
No Result
View All Result

Cyber-Thieves Rush to Steal Data Before Chip Technology Sets In

By Sarah Grotta
April 21, 2016
in Analysts Coverage
0
0
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

Midsection of salesman accepting payment through NFC technology from customer in hardware store

We heard earlier this week some positive news from Visa about a decrease in fraud losses that their top merchants with EMV installed are enjoying. More on that here. Today an article in Bloomberg puts a damper on the good news, referencing a report detailing that thieves are ramping up their activities to steal card credentials through malware, before it becomes more difficult once EMV is more fully implemented:

Cyber-thieves see new credit card chip technology being adopted by U.S. retailers closing a lucrative window of opportunity to steal your data. So they want to move fast.

We’ve actually seen a number of discussions, in some cybercrime communities, where they’re reacting to that and saying, ‘OK, we have a limited number of opportunities to continue these attacks and we need to take the maximum advantage,”’ said John Miller, director of ThreatScape Cyber Crime at iSIGHT Partners, which was acquired by FireEye Inc. in January.

With some of the malware that has been studied by FireEye, the fraudsters are capturing login details along with card information. This allows for thieves to steal through online transactions which are unprotected by EMV:

FireEye, which provides malware and network-threat protection systems, tracked a cybercrime group it calls “FIN6.” The group steals credit card numbers from the retail and hospitality industries and delivers the digits to an online “underground card shop.” The report found cases spanning from 2014 through this year.

Malware such as GRABNEW, which captures login credentials, can come as an e-mail attachment, FireEye said. FIN6 either sends that malware or pays others for the credentials.

Once FIN6 gets into a company’s network, it uses software vulnerabilities to move around and locate card numbers. One FIN6-linked case resulted in 20 million cards, mostly from the U.S., in the online shop, selling for about $21 each, Milpitas, California-based FireEye said.

Overview by Sarah Grotta, Director, Debit Advisory Service at Mercator Advisory Group

Read the full story here

0
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

    Get the Latest News and Insights Delivered Daily

    Subscribe to the PaymentsJournal Newsletter for exclusive insight and data from Javelin Strategy & Research analysts and industry professionals.

    Must Reads

    embedded lending

    Embedded Lending as a Growth Strategy for ISVs—How to Maximize Revenue Potential

    June 18, 2025
    merchant ai

    Merchants Find More Use Cases for AI Amid Risks

    June 17, 2025
    prepaid payroll

    Taking the Check Out of Paycheck: The Role of Prepaid in Payroll

    June 16, 2025
    Banking-as-a-service BaaS

    Remodeling Main Street: How Community Banks Can Leverage the Banking-as-a-Service Paradigm

    June 12, 2025
    How Employee Performance Enhances the Customer Experience

    Three Strategies to Maximize Loyalty in the AI-Driven World 

    June 11, 2025
    PFM tools

    How FIs Are Cutting Through Subscription Clutter with PFM Tools

    June 10, 2025
    child identity theft

    Stranger Danger: Protecting Your Children from Identity Theft

    June 9, 2025
    agentic commerce

    The Agentic Advent: How the Next Iteration of AI is Shaping Commerce

    June 6, 2025

    Linkedin-in X-twitter
    • Commercial
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Digital Banking
    • Commercial
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Digital Banking
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    • About Us
    • Advertise With Us
    • Sign Up for Our Newsletter
    • About Us
    • Advertise With Us
    • Sign Up for Our Newsletter

    ©2024 PaymentsJournal.com |  Terms of Use | Privacy Policy

    • Commercial Payments
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    No Result
    View All Result