While e-commerce sites are the primary target because hackers can scrape data from millions of cards, consumers have a job to do when it comes to protecting what’s in their wallet, warns Jeremy Samide, CEO of Stealthcare.
Samide tells consumers, “Don’t ignore those tiny seven to ten-dollar charges that appear out of nowhere on your credit card. If you can’t attribute the charge to a purchase, notify your credit card company or bank. Thieves test cards with innocuous purchases before going in for the big score.”
Other advice from Samide:
- Don’t make purchases using unsecured Wi-Fi hot spots at the coffee shop.
- Change passwords frequently and do not use obvious words such as books for Amazon or aeroplane for Travelocity.
- Don’t share your passwords or allow friends to log into your accounts, no matter how insignificant or how often they ask.
- Know how your kids use your devices. They tend to roam into the Google Play store and download weird games or visit other sites that can be the source of an attack; that goes for kids of all ages, including parents!
- Use two-factor authentication for email and application access. It can be done with little effort and it adds a secondary layer of protection of resources.
- Provide the least amount of information to third-party requests to reduce your attack surface.
“A common sucker play,” adds Samide, “five-minute surveys enticing you with a chance to win a $25 Amazon gift card. In the unlikely event you win, you will have given a third-party information you may think is irrelevant but, when correlated with other public information, could be harmful.”
Betabot malware targets 46 online retailers
This year, there has been a surge of cybercriminals and cyber gangs who bypass consumers and go directly to their favorite e-commerce merchants to rob them. And, they are expected to step up their game as Christmas fast approaches. Stealthcare’s Zero Day Live Threat Intelligence platform has uncovered these cyber attacks and now protects its e-commerce clients with the tools needed to prevent these greed-motivated cyberattacks.
By way of background, Samide says this season’s top malware and variants are among the banking trojan malware families Betabot, Panda, Gozi, Zeus, Chthonic, TinyNuke, Gootkit2, IcedID and SpyEye that capture credit card information during checkout and point-of-sale.
Betabot leads the pack of threats with the highest level of targeting being aimed at 46 different online retail brands, many of which are considered to be among the most trusted in the world, based on Stealthcare’s Intelligence.
According to the November 13, 2018 edition of Bank Info Security, card scrapping code has infected over 100,000 e-commerce sites, which read like a who’s who of online retail, entertainment and travel companies.
“Stealthcare’s proprietary technology adjusts its profile to defend against emerging threats by creating a unique fingerprint of the client organization or its CyberDNA. This allows us to focus our efforts on the threats that matter most to a specific organization and separate the attack signals from the noise,” Samide explains.