Almost all eCommerce websites leverage a dozen or more 3rd and 4th party digital supply chain partners that are beyond the reach of their security and compliance teams. Every day, that digital partner ecosystem puts eCommerce organizations at risk of both data leakage and data theft.  The post Protecting eCommerce ... Read More

The Kritec skimmer operates by intercepting the checkout process during online purchases. After a customer enters their payment details, the skimmer simulates a fake payment dialog, giving the impression that the payment has been processed. It then displays a fake error message, redirecting the victim to the actual payment page ... Read More

Retail stores often have visible security measures in place, such as security cameras and personnel monitoring. However, online stores have a security gap as they are vulnerable to cyberattacks, data breaches, and fraud. This security gap poses a significant challenge to e-commerce companies and requires robust cybersecurity measures to ensure ... Read More

The increase in eSkimming attacks targeting customer data leave no room for neglecting security precautions during website redesign projects. Securing your customers’ data at the point of entry (as it is being entered into the forms on your site) should be considered foundational when planning and executing any website redesign ... Read More

An authorized IRS eFile website is the latest victim of a JavaScript attack. eFile.com has become the victim of an attack which originated in a previously innocent JavaScript file. The javascript file, popper.js, was modified to include obfuscated code which redirected the browser to a legitimate looking error page. The ... Read More

Beware of digital skimming attacks! According to Visa's Spring 2023 Biannual Threats Report, digital skimming attacks targeting customer data on eCommerce checkout pages increased by 174% in the last half of 2022. The post Digital Skimming Attacks Skyrocket appeared first on Source Defense ... Read More

BidenCash, which purposely leverages the namesake of U.S. President Joe Biden, has been operating for the past year and has become one of the top carding marketplaces on the dark web. But what makes this latest dump of stolen data significant is the completeness of the dataset. The post Fullz ... Read More

A data breach is one of the worst things that can happen to any eCommerce business. It affects both customers and employees and can have a lasting impact on a company's reputation and financial stability. Data breaches have become a fact of life for organizations across the globe. But what ... Read More

The Liquor Control Board of Ontario (LCBO), Canada’s largest alcoholic beverage retailer, revealed last week that hackers had injected malicious code into its website to steal customer and credit card data. This represents another in a growing line of disclosures related to Digital Skimming attacks.  The post Canada’s Largest Alcohol ... Read More

According to the Annual Payment Fraud Intelligence Report by Recorded Future, nearly 60 million compromised payment card records were posted for sale on dark web platforms in 2022, of which 45.6 million were classified as card-not-present (CNP)—meaning they were harvested during an online eCommerce transaction. The post Magecart E-Skimmer Attacks ... Read More