Scams that steal customer bank details on e-commerce sites are increasingly automated and sophisticated. This is one of the conclusions of an estimate by the information technology company for payment system HST, which identified a growth in a special type of fraud.
According to the company, the cyber attack that is in fashion involves the use of “zombie robots”, a set of machines that operate together and intensively to identify valid credit card numbers and other information that authorize a purchase by third parties . This exploitation is carried out on retailer websites that contain security holes or do not use advanced anti-bot systems.
The tactic called “PAN enumeration” operates from brute force, as in trying to guess system passwords. In the case of online purchases, however, robots make purchases on online sites with all possible card number combinations until they obtain validation. After obtaining this data, they begin to try to find out the expiration date and the security code – which is usually the remaining information for making purchases.
Donation sites and stores without a refined security system (which does not block consecutive IP accesses or mass attempts to insert the same card, for example) are the main targets of these attacks. According to the HST estimate, the growth in the occurrence of these scams in the last 12 months was 100%.
So, if you are a consumer, be careful when entering data in any e-commerce. Already owners of trading platforms in general should always choose the best possible system of protection against cyber attacks.