No Comments

Account hijacking is used to steal card numbers and codes

 

Most retailers worldwide plan to increase their budgets this year to protect themselves against fraud, according to new research from Ravelin, a provider of technology to prevent fraud and payment threats with confidence. According to the study, this is a reflection of the increase in account control attacks, in which the hacker hijacks consumer accounts to obtain any stored personal information that can be monetized on the dark web.

The survey reveals that 45% of retailers saw growth of this type of attack last year. Cybercriminals have used account hijacking to steal card numbers and verification codes (CVCs) stored in accounts to fraudulently buy goods or to sell access to those accounts on clandestine websites.

Ravelin says that account control attacks are increasing due to the reuse of passwords by consumers on various sites. When one is breached, fraudsters can use it in credential filling operations to test them on several other websites. Credential stuffing occurs when the cybercriminal obtains stolen credentials by some means, usually on the dark web, and then uses botnets or other automation tools to try to use the stolen usernames and passwords to gain fraudulent access to various other user accounts.

An October study from Akamai last year reveals that more than 60% of credential-filling attacks detected in the previous two years were targeted at retail, hospitality and travel businesses, with the majority (more than 90%) affecting retailers . In addition, almost 40% of fast-moving fashion and consumer goods retailers claim that online payment fraud is the biggest security risk, according to Ravelin’s report.

The so-called reimbursement abuse, or “friendly fraud”, in which the consumer claims that he never received the product he ordered online, increased to half of the interviewees. This can be attributed to the pandemic – primary scams like this tend to peak during periods of financial crisis, when money is tight and law enforcement is often tempted to lie.

E-commerce fraud is expected to have a firm response, as 76% of retailers say they will increase their budgets to combat this type of cybercrime in the next 12 months and 20% say the increase will be “significant”.

Ravelin’s CIO, Mairtin O’Riada, claims that the pandemic has given rise to the appearance of “a real Petri dish” (container used in laboratories for the cultivation of microorganisms) to increase fraud volumes. “Retailers are struggling to drive e-commerce and are dealing with extremely high volumes of online transactions, while also trying to fulfill an increasing number of online deliveries. And trying to detect fraud manually under these conditions is a difficult and expensive task ”, he adds.

See the original post at: https://www.cisoadvisor.com.br/sequestro-de-contas-e-usado-para-roubar-numeros-e-codigos-de-cartoes/?rand=59039

You might also like

More Similar Posts

Leave a Reply

Your email address will not be published.

Fill out this field
Fill out this field
Please enter a valid email address.