Europol has joined forces with law enforcement agencies in 17 countries to warn 443 online merchants that their customers' payment card data has been compromised. The two-month operation, led by Greece and supported by Group-IB and Sansec, combated digital skimming.
The essence of skimming is that hackers introduce tools or malware into online stores to intercept customers' credit card data during online payments. This problem has been affecting popular online stores for a long time.
Thanks to the work of the Computer Security Incident Response Teams (CSIRT) and the European Union Agency for Cybersecurity (ENISA), the affected sites were notified that they were being used to carry out skimming attacks.
Europol notes that such attacks often go undetected for a long time. Stolen payment information is usually offered for sale on the dark web. Consumers often do not realize that their data has been compromised until attackers use it for unauthorized transactions, and it is difficult to determine when the data was leaked.
Law enforcement provided technical support to online retailers to help remove malicious tools and ensure customer safety. The operation included the USA, Great Britain, Germany, Colombia, Spain and the Netherlands.
There are 119 million cards traded on the dark web, which could result in $9.4 billion in losses for card issuers and $35 billion in potential chargeback costs for merchants and buyers in 2023, according to a report from Recorded Future. In 2022, 45.6 million records with payment card data were compromised due to skimmers.
Total amount of card data on sale and its division into online (CNP) and physical payment (CP) card data
Among the stores where skimmers were introduced in 2023, restaurants (18.5% of the total number of victims), auto parts sellers, clothing stores and others stand out. The US leads the world in the number of maps available on the darknet, with over 50 million. In no other country or region does this number exceed 2.5 million.
Fraudsters are expected to improve their methods in 2024, continuing to use both traditional and new methods of card theft. Cards stolen from financial institutions in North America and Europe will continue to dominate sales. The report suggests that in 2024, cybercriminals will use sophisticated technology, fine-tuned processes and social engineering techniques to bypass fraud detection systems.
• Video:
The essence of skimming is that hackers introduce tools or malware into online stores to intercept customers' credit card data during online payments. This problem has been affecting popular online stores for a long time.
Thanks to the work of the Computer Security Incident Response Teams (CSIRT) and the European Union Agency for Cybersecurity (ENISA), the affected sites were notified that they were being used to carry out skimming attacks.
Europol notes that such attacks often go undetected for a long time. Stolen payment information is usually offered for sale on the dark web. Consumers often do not realize that their data has been compromised until attackers use it for unauthorized transactions, and it is difficult to determine when the data was leaked.
Law enforcement provided technical support to online retailers to help remove malicious tools and ensure customer safety. The operation included the USA, Great Britain, Germany, Colombia, Spain and the Netherlands.
There are 119 million cards traded on the dark web, which could result in $9.4 billion in losses for card issuers and $35 billion in potential chargeback costs for merchants and buyers in 2023, according to a report from Recorded Future. In 2022, 45.6 million records with payment card data were compromised due to skimmers.
Total amount of card data on sale and its division into online (CNP) and physical payment (CP) card data
Among the stores where skimmers were introduced in 2023, restaurants (18.5% of the total number of victims), auto parts sellers, clothing stores and others stand out. The US leads the world in the number of maps available on the darknet, with over 50 million. In no other country or region does this number exceed 2.5 million.
Fraudsters are expected to improve their methods in 2024, continuing to use both traditional and new methods of card theft. Cards stolen from financial institutions in North America and Europe will continue to dominate sales. The report suggests that in 2024, cybercriminals will use sophisticated technology, fine-tuned processes and social engineering techniques to bypass fraud detection systems.
• Video:
