Skimmer acts as payment service provider via rogue iframe

Even e-commerce sites that do not take payment information themselves can be abused by crooks. In this post, we show how a web skimmer is able to inject an artificial iframe into the checkout page to prompt users for their credit card information. Victims will only realize something’s not right when they are redirected to the real (and external) payment form.

Read more

Web skimmers compete in Umbro Brasil hack

In this web skimming match between two Magecart groups, there can only be one winner.

Read more

Liar, liar, pants on fire! Barclays phish claims cards explode

We feel compelled to relay the dire warning from this Barclays snail-mail letter, which we acquired through social media, therefore it must be true.

Read more

Please don’t buy this: identity theft protection services

Identity theft protection services promise to have your back against cybercriminals looking to steal your data. But they don’t actually stop them from taking your identity. Are they worth it, then? We say no.

Read more

Fraud Tactics Against Chip-and-PIN Technology

20 days after EMV cards and terminals were expected to be fully implemented, we take a look at the latest tricks and methods fraudsters employ to steal chip-and-PIN card details.

Read more

Very Soon, Swipes will be Out and Inserts will be In

We took a look at EMV cards, learned some industry terms related to it, drafted several expectations once October rolls in, and we also provided practical tips on how to keep your chip cards, and the data they hold, secure.

Read more

Select your language