January 23, 2024 at 10:49AM
Retailers in the Middle East and Africa are increasingly targeted by web-skimming attacks, with a recent discovery of such an attack on the Khaadi clothing retail site. Despite the region accounting for a small portion of consumer victims, the threat persists. As web-skimming attacks become more sophisticated, enhanced security measures are essential to protect against them.
Based on the meeting notes, here are the key takeaways:
1. Web-skimming attacks, commonly known as Magecart attacks, are a continued threat globally. They are used to steal payment card information from e-commerce sites.
2. The Middle East and Africa are less targeted by Magecart attacks due to the lower use of traditional credit cards and a preference for modern mobile-payment technology. However, these regions are not immune to such attacks, with Turkey ranking third on the list of the most affected countries.
3. Recorded Future data shows that the Middle East and Africa account for less than 2% of all stolen credit cards, and South Africa experienced a significant decrease in compromised cards, while Egypt saw an increase in the number of compromised cards.
4. It’s noted that skimming attacks will become more difficult to detect with the use of sophisticated evasion techniques, requiring website owners to prioritize the security of their sites and the third-party code they use.
5. An independent researcher uncovered Web-skimming code on a staging server of the clothing retail site Khaadi. Despite reporting the issue to Khaadi and Pakistan’s Computer Emergency Response Team (PK-CERT), there has been no response, and the affected webpages remain compromised.
Please let me know if you need more information on these takeaways.