Payments Threat Intelligence: A Must-Have as Infostealers, Magecart Attacks Surge Payments Fraud

E-commerce and social marketplaces have paved the way for convenience in acquiring goods. They also have set the stage for myriad cyberattacks that range from the misuse of trusted brands to the sale of illicit hardware and devices. Merchants of all sizes are targets, with malicious sales often initiated through commonly used social platforms. Card issuers, acquirers, and online merchants, not to mention consumers, face the greatest risk, as they are left to deal with the resulting fraud and identity theft. 

But fraud is only a fraction of the story. What the industry fails to see is the nefarious web of cyber threats in which fraud is merely a byproduct. Many of the malicious compromises waged through e-commerce and social media are linked to stealthy malware strains known as infostealers, which are often backed by sophisticated organized crime rings supported by geopolitical adversaries. Many of the malicious compromises waged through e-commerce and social media are linked to stealthy malware strains known as infostealers, which are often backed by sophisticated organized crime rings that are backed or supported by geopolitical adversaries. Today’s infostealers not only compromise massive amounts of data about users, their devices, and their browsing behaviors but also have become increasingly difficult to detect and take down. Digital skimmers, which compromise malicious JavaScript code injected into checkout pages, also pose an increasing risk to e-commerce. Cyber threat intel is playing an ever-increasing role in the takedown of threat actors connected to emerging infostealers and digital skimming attacks.

Foreword

This Javelin Strategy & Research report, sponsored by Mastercard, details the evolving danger facing online marketplaces and social media platforms and suggests actions to be taken and tools to be leveraged in the ever-changing fight against malicious sales, scams, and other threats. Tracking cybercrime offers new opportunities for cyber threat attribution and stronger cyber-risk compliance and resiliency. 

Companies Mentioned:

Better Business Bureau, IBM, Mastercard, National Retail Federation, NIST, X-Force Threat Intelligence Index