Sansec and Europol counter online skimming

In a strategic alliance, Europol, the European Union Agency for Cybersecurity (ENISA), law enforcement from 17 nations, and key private sector entities such as Sansec, have aligned to counteract the escalating threat of digital skimming.

This collaborative initiative enabled the identification and notification of 443 e-commerce sites about breaches in their payment data security. Spearheaded by Greece, this effort is part of the EMPACT priority, targeting the masterminds of online financial frauds.

Digital skimming involves clandestine extraction of payment information from online store customers during checkout. Cybercriminals deploy advanced techniques to intercept this data without triggering any anomalies detectable by consumers.

Unnoticed Breaches in Data Security

Digital skimming infractions often remain unnoticed for extended durations. The illicitly acquired payment information, typically traded on darknet marketplaces, leaves consumers unaware of the security breach until unauthorized transactions surface. Pinpointing the exact breach source is challenging for end-users.

In this counter-skimming operation, Europol's role extends to alerting impacted online merchants, previously unknowing conduits of these data thefts. Collaborating closely with national law enforcement, CSIRTs, and select private-sector experts, Europol aids in pinpointing compromised merchants and furnishes technical assistance to rectify vulnerabilities and bolster future consumer protection.

For detailed insights on digital skimming and merchant safeguards, refer to Europol's comprehensive guide on digital skimming.

Source: Europol press release

Read more

• Thousands of Adobe Commerce stores hacked in competing CosmicSting campaigns
• CosmicSting attack & defense overview
• Persistent backdoors injected on Adobe Commerce via new CosmicSting attack
• CosmicSting attacks have started hitting major stores
• Polyfill supply chain attack hits 100K+ sites