BSN Blog 10.30.19

FBI Issues E-Skimming Warning

BSN Blog 10.30.19

Skim This Over

Recently the FBI issued a warning against e-skimming threats in response to the increase of attacks on small and medium-sized businesses, as well as against government agencies.  This relatively new form of attack occurs when malicious code is placed within a site that accepts payments.  The payments are rendered via credit or debit cards when entered into the portal and often go unnoticed – for years.

How Does It Happen?

Like so many breaches, it can originate with a phishing email that contains a link that captures login credentials.  Simple passwords and vulnerable websites are also easy targets.  And not to be overlooked, are third party vendors with access to the credentials of a company’s e-commerce platform.

How Are They Caught?

It often takes a while.  And it isn’t until multiple consumers report fraud and their habits are eventually linked to having a site in common.  Not that easy to do, and not that likely to happen.  So, these e-skims go undetected for years.

How Can You Protect Yourself?

As a consumer, be informed about the systems and sites that you use.  Are they updated with the latest plugins and patches?  If you aren’t sure, ask.

And if you are protecting your business, run code integrity checks regularly to review any changes to code on your e-commerce site.  Monitor and analyze weblogs for any changes as well.  Always make sure that your systems are updated.

It’s your job to look out for yourself – and your business.

badge w light burst white (1)
Exclusively for Our MSP Partners

Now Available: Gen AI Certification From BSN

Lead Strategic AI Conversations with Confidence

Breach Secure Now’s Generative AI Certification helps MSPs simplify the AI conversation, enabling clients to unlock the value of gen AI for their business, build trust, and drive growth – positioning you as a leader in the AI space.

More on blogs

What Is the AI Culture Assessment? A Smarter Starting Point for Responsible AI Adoption

AI is already showing up in the workplace, but many organizations lack visibility into how it is being used. The AI Culture Assessment helps MSPs

Phishing Tests Aren’t Enough: Why Remediation Is the Missing Link in Security Awareness

Phishing simulations show who clicks, but without follow-up, they rarely change behavior. Phishing remediation closes the gap by turning failures into learning opportunities, reinforcing training

Why Continuous Training Beats One-and-Done Cyber Awareness

Cyber threats evolve constantly, which means annual cybersecurity training is not enough to keep employees prepared. Learn how continuous training, phishing simulations, remediation, and short
Take the First Step

Experience Training That Makes a Difference

during the demo you’ll:

Take the First Step

Experience Training That Makes a Difference

During the demo you’ll: