New Threat Profile: Online POS - Card Not Present (PCI)

By Alana Stroud, Cybersecurity Risk Content Analyst
mark

Due to the drastic increase in Point of Sale (PoS) and Card Not Present (CNP) transactions as society has shifted to purchasing most of their travel, entertainment, and goods online, cybercriminal groups such as Magecart have capitalized on this opportunity to turn an already lucrative card skimming campaign into a full blown business model.

Magecart has been around since 2016 hitting retail websites by injecting malicious code that steals credit card information from consumers, then selling it on the dark web to underground buyers who then use the cards to purchase goods that are resold for profit in reshipping schemes. Magecart’s name is derived from the abuse of Adobe’s Magento, which is an open-source ecommerce platform retailers utilize for CNP purchases. Major brands Magecart has successfully breached to date include British Airways, Macy’s, Ticketmaster, Forbes, Newegg, and Amazon, to name a few. 

This threat actor and activity are important to CyberGRX and our customers because PoS and CNP transactions are here to stay. It is incredibly important to understand which security controls will protect against PoS and CNP fraud to prevent a breach happening to you and your customers. In fact, Cybersecurity and Infrastructure Security Agency (CISA) has just added Magecart to their Known Exploited Vulnerabilities Catalog as of February 15, 2022 (CVE-2022-24086). In response, we have developed a PoS/CNP Threat Profile just for you.

CyberGRX is dedicated to delivering real-time insights around recent cyber events to help our users quickly identify potential risks, and prioritize follow-up activities, which is critical in minimizing the impact of these attacks. To date, CyberGRX has provided Threat Profiles around a myriad of cyber events including SolarWinds, Kaseya Ransomware, Hafnium, Log4j, the Russian-Ukrainian crisis, and more. Threat profiles are continuously updated, so you can rest assured the controls identified are the most up to date.

Alana Stroud

Cybersecurity Risk Content Analyst

Mark
Mark

Join 10,000+ risk professionals who subscribe to the CyberGRX Newsletter