Black Friday, Cyber Monday Bring Open Season for Cyber-Criminals

For cyber criminals, the holiday shopping season offers what we used to call a “Target Rich Environment” back when I was in the military.

During the holiday seasons there’s a lot of the kind of activity that cyber-criminals love.

There are more customers buying things and that means that there are more credit card numbers floating around, there’s more personal information being stored in company databases and there’s less time for customers and companies to verify what’s real and what’s not.

In their haste to make sales, some companies may become careless about the purchase information they collect and they may collect information they don’t need. Worse, with the added load of higher than normal volume, IT departments may be forced to cut corners just to keep up.

Black Friday

Add to the overall frantic pace of holiday shopping the change in credit card security technology and you have even more opportunity for fraud. This year, now that most credit card users have EMV chips in their cards, the instances of counterfeit cards is already dropping.

But in its place, is something called “card-not-present” fraud. This is when criminals use stolen credit card information to order products online or over the phone. They will then sell those products, or in some cases return them for cash reimbursements.

For your business, the overall environment is one in which you’re under attack from all directions. Criminals are using stolen credit cards on one hand while other criminals are trying to break into your network on the other. Adding to the excitement, there are new tools in the hands of cyber-criminals that are making their jobs more lucrative—at your expense of course.

Jeremy Manning, threat intelligence support manager at SecureWorks, tells me of a Remote Access Trojan (RAT) that appeared this fall, just in time for shopping to start.

This Trojan is delivered a company’s computer network through a phishing email and inserts itself into the Notepad application in Windows. Once there it captures and sends out the Track 1 and Track 2 credit card data if a card is read, but it can also send out other card data and it includes a key logger.

Read more on page 2…

Originally published on eWeek

Page: 1 2

Wayne Rash

Wayne Rash is senior correspondent for eWEEK and a writer with 30 years of experience. His career includes IT work for the US Air Force.

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

2 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

2 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

2 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago