In light of the news that Mastercard, WorldPay and Amex were among the payment processors who took part in a ‘cyber war game’, in a bid to test their systems amid rising IT threats, please see below comment David Emm, Prinicpal Reeacher at Kasperky Lab.

David Emm, Prinicpal Security Reeacher at Kasperky Lab:

- CAT7282 300x200 - Payment Processors Took Part In ‘Cyber War Game’ To Test Their Security Systems

“It’s interesting to see that payment processors are actively testing their systems to see how prepared they are for a cyber-attack. In today’s digital age, online fraud is a very real threat. With almost every area of our daily lives now online, fraudsters are using a host of sophisticated and varied cyber-threats to target victims, and make them drop their guard. There are a variety of different types of credit card fraud; from combining cold-calling with phishing emails to targeted attacks that are being initiated through payment system endpoints and through the exploitation of customers’ credentials and confidential .

Since the introduction of EMV (chip cards), theft by duplicated credit cards has dramatically reduced with more fraud shifting online. There are still some attempts at card duplication of course, but as more countries have moved to chip cards, this is a high effort attack for lower returns. The volume of cards that can be compromised is likely lower than in a cyber-based attack, plus using a physically copied card attracts more risk of being caught as someone may notice the card looks . We are also seeing cybercriminals shifting their focus to account-based attacks. While account takeover fraud is by no new, fraudsters are increasingly focusing their efforts on this attack type – it can be more profitable as they can trade on the customer’s good reputation, plus the availability of customer data and credentials is higher than ever –  thanks to the continued success of data breaches and social engineering attacks.

Cybercriminals are always looking for an ‘angle’, i.e. something that might increase the likelihood that they will get a return on their investment. No sector can consider itself protected and must regularly review its security procedures. Specific measures will always vary depending on the organisation and the role of an employee, however, the core elements should remain the same. Examine the possible risks and evaluate how an individual and the potential to be manipulated can become a risk for . This process should also review physical security and look at how to protect sensitive corporate data. Fraud prevention efforts are often focused on stopping fraudulent transactions, but more impact could and should be made in reducing fraud – and fraud need to continue to converge with better communication across internal teams to identify attempted attacks sooner e.g. identify and take action as soon as there is an unusual attempt.”



Source link
Based Blockchain Network

No tags for this post.

LEAVE A REPLY

Please enter your comment!
Please enter your name here