• Log In
  • Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

Ethical Hacking

Wade Mackey

Ethical Hacking

MIS 5211.001 ■ Fall 2019 ■ Wade Mackey
  • Home
  • About
  • Syllabus
  • Gradebook

Small and Medium-sized businesses at risk of E-Skimming attacks

October 26, 2019 by Andrew P. Sardaro Leave a Comment

https://cyware.com/news/fbi-issues-warning-to-smbs-about-e-skimming-attacks-a251120c 

The FBI is warning SMBs and government agencies about the risk of e-skimming attacks for businesses that take credit card payments online.

E-Skimming, also known as Magecart attacks, occurs when malicious code is injected into a website’s POS system disguised as payment card skimmer scripts. Once the POS is compromised, hackers can then steal customers’ payment card information.

Hackers gain access to the POS server through a phishing attack, third party vendor vulnerability. Once they have access they act as a silent man in the middle and steal user credit card information to sell for profit.

The FBI recommends standard mitigation measures to protect your business from E-Skimming.

Patch Patch Patch your systems.

User education to avoid falling victim to phishing attacks

Remove any default login credentials

Segment networks to avoid easy hops for hackers

Here is an article which breaks down Magecart attack and its evolution: https://www.csoonline.com/article/3400381/what-is-magecart-how-this-hacker-group-steals-payment-card-data.html

 

Filed Under: Week 09: Web Application Hacking Tagged With:

Reader Interactions

Leave a Reply Cancel reply

You must be logged in to post a comment.

Primary Sidebar

Weekly Discussions

  • Uncategorized (55)
  • Week 01: Overview (6)
  • Week 02: TCP/IP and Network Architecture (2)
  • Week 03: Reconnaisance (7)
  • Week 04: Network Mapping and Vulnerability Scanning (4)
  • Week 05: Metasploit (9)
  • Week 06: More Metasploit (8)
  • Week 07: Social Engineering (11)
  • Week 08: Malware (19)
  • Week 09: Web Application Hacking (14)
  • Week 10: SecuritySheperd (12)
  • Week 11: Intro to Dark Web and Intro to Cloud (10)
  • Week 12: Introduction to Wireless Security with WEP and WPA2 PSK (6)
  • Week 13: WPA2 Enterprise and Beyond WiFi (11)
  • Week 14: Jack the Ripper, Cain and Able, and Ettercap (9)

Copyright © 2025 · Course News Pro on Genesis Framework · WordPress · Log in