Connect with us

Cyber Security

Warning Beware of New Web Skimming Tactic

Published

on

Online sellers and buyers are advised to be extra cautious when making transactions on the internet as web skimmers are at it again.

Internet phishing and hacking attack concept. Email spoofing and personal information security background. internet attack on credit card. vector illustration in flat design.

While eCommerce businesses and shoppers are busy preparing for the holidays, cybercriminals have found a new way to steal customers’ personal information like credit card details through a fraudulent payment service platform (PSP).

These skimmers would construct a page that looks exactly like a legit payments platform and wait for their unsuspecting victims to enter their payment details. Once they have collected the customer’s data, they are free to do whatever they wish to do with it.

What’s alarming about the fraudulent site is its ability to validate the user’s information to make them think that they are indeed on a legit payments platform.

Don’t Be a Skimming Victim

To avoid falling victim to web skimming, always check the URL of the payments page you’re on, especially if you were redirected from a merchant’s site.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Cyber Security

Authorities Take Down World’s Largest Illegal Dark Web Marketplace

Published

on

Europol on Tuesday said it shut down DarkMarket, the world’s largest online marketplace for illicit goods, as part of an international operation involving Germany, Australia, Denmark, Moldova, Ukraine, the U.K.’s National Crime Agency (NCA), and the U.S. Federal Bureau of Investigation (FBI).

At the time of closure, DarkMarket is believed to have had 500,000 users and more than 2,400 vendors, with over 320,000 transactions resulting in the transfer of more than 4,650 bitcoin and 12,800 monero — a sum total of €140 million ($170 million).

The illegal internet market specialized in the sales of drugs, counterfeit money, stolen or forged credit card information, anonymous SIM cards, and off-the-shelf malware.

In addition, the months-long intelligence operation also resulted in the arrest of a 34-year-old Australian national near the German-Danish border over the weekend, who is alleged to be the mastermind behind DarkMarket.

Continue Reading

Cyber Security

Microsoft Issues Patches for Defender Zero-Day

Published

on

Microsoft released security updates addressing a total of 83 flaws spanning as many as 11 products and services, the latest security patches cover Microsoft Windows, Edge browser, ChakraCore, Office and Microsoft Office Services, and Web Apps, Visual Studio, Microsoft Malware Protection Engine, .NET Core, ASP .NET, and Azure.

For organizations that are configured for automatic updating, no actions should be required, but one of the first actions a threat actor or malware will try to attempt is to disrupt threat protection on a system.

To install the latest security updates, Windows users can head to Start > Settings > Update & Security > Windows Update, or by selecting Check for Windows updates.

Continue Reading

Cyber Security

Zoom End-to-End Encryption Update

Published

on

Zoom, the world’s most popular video conferencing platform announced it will roll out an end to end encryption feature (E2EE) to all users (Free/Basic). This is coming after there has been an outrage over poor security on its cloud-based video conferencing platform.

It’s not clear when the feature will launch for all users, but the beta is arriving in July and Zoom intends to have some level of permissions so account administrators can disable or enable it at the account or group level.

To make this possible, Free/Basic users seeking access to E2EE will participate in a one-time process that will prompt the user for additional pieces of information, such as verifying a phone number via a text message.

Other applications including Signal, Skype, and WhatsApp already offer E2EE in their messages and calls.

Zoom CEO Eric Yuan explains in its blog post, announcing its decision to bring E2EE to paid users only in early June. He explained that they want to be able to help law enforcement in investigations and that people who use Zoom to disrupt online meetings and to engage in criminal acts and facilitate horrible abuse generally use free (quasi-anonymous) accounts, also noting we are confident that by implementing risk-based authentication, in combination with our current mix of tools — including our Report a User function — we can continue to prevent and fight abuse.

Continue Reading

Trending