The recent Magecart digital card-skimming campaign has already impacted over 800 eCommerce sites worldwide. With the average cost per data breach rising to $3.86 million, loss prevention specialist Chargebacks911 educates merchants on how to defeat these new cyberfraud threats.
(Tampa Bay, FL) August 27, 2018 – A Ticketmaster data breach announced in late June was subsequently discovered to be part of a widespread digital card-skimming campaign by cybercriminals known as Magecart, whose malignant code has infiltrated more than 800 eCommerce sites worldwide.(1) The new cyberfraud threat is particularly concerning in light of a new study that found the average cost per data breach has risen to $3.86 million.(2) Chargebacks911, a leading dispute mitigation and loss prevention firm, advises eCommerce merchants to stay abreast of Magecart-related activity and other emerging cyberfraud risks, and to take proactive measures to combat these threats.
While physical card skimmers are placed on ATMs, fuel pumps and other point-of-sale machines to capture consumers’ credit and debit card data, Magecart’s digital skimmers are scripts that run on websites and harvest personal information and card details entered via online order forms. As revealed in a RiskIQ report, Magecart has transitioned from hacking individual websites to burying malicious code within the scripts of third-party (3P) functionality providers. This means a single attack can affect all of that provider’s clients, impacting hundreds or even thousands of websites. Ticketmaster was compromised via services supplied by Inbenta and SociaPlus, though RiskIQ also found Magecart’s code on other 3P components from PushAssist, Clarity Connect and Annex Cloud.(1)
Two days after RiskIQ released its findings on the massive Magecart skimming campaign, IBM Security and Ponemon Institute published findings from their annual study on the cost of data breaches. The average cost per breach has climbed 6.4% to $3.86 million, though that number can be significantly higher depending on volume—a “mega breach” of 1 million records averages $40 million, while 50 million compromised records will run about $350 million. The report also noted that cyberattack victims face a 27.9% likelihood of experiencing another material data breach within the next two years.(2)
“Merchants have become almost numb to cyberfraud, but they cannot afford to ignore it. Cybercriminals are always finding new vulnerabilities to exploit,” asserted Monica Eaton-Cardone, co-founder and Chief Operating Officer (COO) of Chargebacks911. “eCommerce businesses need to stay abreast of new threats and continue to fight fraud on multiple fronts.”
Eaton-Cardone adds that the Ticketmaster incident perfectly illustrates why businesses must verify compliance with all third-party service providers. If they allow an unsecure company to access internal systems, the vulnerability – and liability – falls to them, as well.
But PCI compliance isn’t a guarantee. Eaton-Cardone emphasizes that it’s not enough to focus solely on the security of internal servers—merchants need to keep an eye on all potential access points and guard against many types of losses. Below, she outlines five essential steps to mitigate the risks and potential losses from the latest Magecart data-skimming threat:
- ENCRYPTION: Encryption renders data useless to thieves, protecting customers and reducing the overall cost per breach.(2) Eaton-Cardone notes technological advances now allow data encryption at the application level, not just for stored data.(3)
- 3P NETWORK CONNECTION TRACKING: It’s critical to control website access and permissions for outside entities. Conducting a firewall rulebase analysis can identify inbound connections that may have escaped notice.(4)
- VULNERABILITY ASSESSMENTS: To pinpoint potential access points for digital skimmers, Eaton-Cardone advises merchants to run scans on external-facing hosts and cloud environments to identify services “listening” for inbound connections.(4)
- INDICATORS OF COMPROMISE (IOCs): As soon as a breach is made public, Eaton-Cardone urges merchants to scan all code for cybercriminals’ domains/IP addresses. Any scripts with the webfotce.me domain indicate a Magecart breach.(1)
- COMPREHENSIVE LOSS PREVENTION: Malicious attacks cause 48% of all data breaches; 52% are due to human error and system glitches.(2) To minimize losses, Eaton-Cardone says it’s vital to implement solutions that address both intentional and accidental data breaches as well as chargebacks and other financial hits.
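A minimal version of the IOC scan described in the list above, as an added example that is not part of the original release or any vendor's tooling: it inventories the third-party script hosts a page loads and flags any reference to the webfotce.me domain, whether in a script source or in inline code. The sample page, the shop.example first-party host and the function names are assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

IOC_DOMAINS = {"webfotce.me"}  # named on this page; extend from your own intel feed

# Constructed sample page (hosts and paths are made up for the example).
SAMPLE = """<html><head>
<script src="/js/checkout.js"></script>
<script src="https://cdn.vendor.example/widget.js"></script>
<script src="//static.webfotce.me/a.js"></script>
<script>var endpoint = "https://WEBFOTCE.ME/c";</script>
</head></html>"""

def host_matches(host, domains):
    """True if host equals, or is a subdomain of, any listed domain."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)

class ScriptAudit(HTMLParser):
    def __init__(self):
        super().__init__()
        self.hosts, self.inline, self._in_script = [], [], False

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            src = dict(attrs).get("src")
            if src:  # urlparse also handles protocol-relative //host/path
                self.hosts.append(urlparse(src).hostname)
            self._in_script = not src  # only inline bodies are captured

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_data(self, data):
        if self._in_script:
            self.inline.append(data)

def audit_page(html, first_party):
    """Return (third-party script hosts, IOC findings) for one page."""
    parser = ScriptAudit()
    parser.feed(html)
    # Relative URLs have no hostname and count as first-party.
    third_party = sorted({h for h in parser.hosts
                          if h and not host_matches(h, {first_party})})
    findings = [("script-src", h) for h in third_party if host_matches(h, IOC_DOMAINS)]
    for body in parser.inline:  # substring match, case-insensitive
        findings += [("inline", d) for d in sorted(IOC_DOMAINS) if d in body.lower()]
    return third_party, findings
```

Calling `audit_page(SAMPLE, "shop.example")` returns the third-party host inventory and the IOC hits; the inventory is also a useful baseline to diff against on each deploy, so a newly added 3P script host stands out.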
“Merchants need to view cyberfraud as an ongoing battle with many points of attack,” counsels Eaton-Cardone. “You can’t sit back and play defense; you have to actively identify and address vulnerabilities, boost your fortifications and take the fight outside your walls.”
She notes that merchants’ investments in data security and chargeback mitigation can save millions compared to the cost of a single breach or years’ worth of cumulative cyberfraud losses. “The sooner you act, the more you’ll save—and the safer your company and customers will be,” concluded Eaton-Cardone.
Chargebacks911 knows cyberfraud is not going to go away—and is dedicated to educating and supporting eCommerce merchants with services designed to boost revenue, shrink chargebacks and defeat fraudsters. To that end, Monica Eaton-Cardone and her team will be participating in a number of upcoming industry events, including Payments & Fraud 360 in Chicago and Toronto, EP@Home in London and INBOUND 2018 in Boston. For details on Chargebacks911’s comprehensive risk management solutions, informative articles and other merchant resources, visit https://chargebacks911.com.
Chargebacks911, known as The Chargeback Company in Europe, safeguards over 2.4 billion online transactions every year, representing clients in 87 different countries. It is the first global company fully dedicated to mitigating chargeback risk and eliminating chargeback fraud, and the company has won the Customer Choice Award for Best Chargeback Management Solution at the CardNotPresent Awards for two years in succession. As industry-leading innovators, Chargebacks911 is credited with developing the most effective strategies for helping businesses maximize revenue and reduce loss in a variety of industries and sectors within the payments space.
Chargebacks911 provides comprehensive and highly scalable solutions for chargeback compliance, handling services and fraud strategy management. With unparalleled category experience and Intelligence Source Detection (ISD™) technology, Chargebacks911 identifies the true source of chargebacks, optimizes revenue recovery opportunities, mediates disputes, safeguards reputations, monitors transactions 24/7 and helps proactively prevent future fraud. To learn more about Chargebacks911, visit www.chargebacks911.com.
1. Klijnsma, Yonathan and Jordan Herman. Inside and Beyond Ticketmaster: The Many Breaches of Magecart; RiskIQ report; July 9, 2018.
2. IBM Security and Ponemon Institute. 2018 Cost of a Data Breach Study: Global Overview; July 11, 2018.
3. Robinson, Rick M. “Fail-Safe Security: Protecting Data From Cloud and Third-Party Risks With Encryption”; SecurityIntelligence; October 11, 2017.
4. Beaver, Kevin. “Dealing With Third-Party Vendor Connections in Your Network”; SecurityIntelligence; August 30, 2016.