Sansec logo

Sansec at Europol training: 50,000+ stores hacked


by Sansec Forensics Team

Published in Threat Research

Sansec at Europol training: 50,000+ stores hacked

Cementing itself as a global force in the protection against eCommerce fraud, Sansec has been invited to speak at the fifth edition of Europol’s Training Course on Payment Card Fraud Forensic Investigations in Avila, Spain.

The week-long event, hosted by the Spanish National Police Academy, saw 53 investigators, forensics experts and accredited trainers from 25 countries in the European Union, as well as from Colombia, Moldova and the United States, descend on the Spanish province to learn about how to better work together to fight the growing threat of e-skimming attacks. This type of fraud, whereby malware infected its checkout pages to steal payment and personal information of shoppers, is on the rise and becoming ever more sophisticated; companies large and small have been hit by attacks in recent years, including British Airways, Macy’s and Ticketmaster.

Presentations were given by Europol staff and by key private sector organisations, including Sansec, and the event hosted numerous sessions and workshops that covered wide range of topics in the area of payment fraud, including online skimming, card data analysis, cryptocurrencies, social engineering attacks and loyalty card fraud.

Willem de Groot, founder and architect at Sansec, gave a talk on his company’s work in tracking and preventing the growing number of skimming attacks; since uncovering the first instance of online skimming in 2015, the firm has identified more than 50,000 stores globally that have, at one point, fallen victim to a similar hack.

Last year, Sansec - which offers an industry-leading malware and vulnerability monitor for e-commerce websites - was also responsible for uncovering the largest Magecart-style skimming campaign to date, which saw card details stolen from 962 online shops in just 24 hours.

“With so many experts from different countries together, it was really inspiring to witness the work ethic civil service side of society, and it really had a nice vibe of cooperation,” says De Groot. “We can help because we have been tracking this fraud for years. Our treasure trove of historical data enables us to quickly correlate cases and actors between crimes.”

At the training, Europol staff also presented an update on the different joint actions that regularly are conducted in coordination with the national authorities and the private sector, as well the services, products and solutions that Europol can provide to support national investigations.

Additionally, representatives from Spanish authorities stressed the importance of international training supported by Europol to strengthen networking in future investigations, as well as the importance of joining efforts between police forces and the private sector, the release said.

The event was supported by the private industry with the participation of representatives of agencies and companies which play a key role in the fight against card payment fraud such as VISA, American Express, Western Union, Uber, Santander Bank and Sansec.

Europol said: ”This kind of event demonstrates the cooperation between public and private sector, the continuous training, the update on the investigative techniques and the improvement of forensic capabilities, is the only possible way to succeed in the fight against cybercrime and especially to confront, in an effective manner, all the emerging threats in the field of payment card fraud.”

Since the first training in 2015, more than 250 international students have benefited from the training programme.

Read more

Scan your store now
for malware & vulnerabilities

$ curl | sh

eComscan is the most thorough security scanner for Magento, Adobe Commerce, Shopware, WooCommerce and many more.

Stay up to date with the latest eCommerce attacks

Sansec logo

experts in eCommerce security


Terms & Conditions
Privacy & Cookie Policy
Company Reg 77165187
Tax NL860920306B01