Data from over 400 e-commerce sellers leveraged in digital skimming attacks

Europol reported that digital skimming attacks have been deployed by threat actors using data stolen from 443 online merchants, according to The Record, a news site by cybersecurity firm Recorded Future. Impacted websites have already been notified regarding the intrusions. "Digital skimming attacks can go undetected for a long time. Payment or credit card information stolen as a result of these criminal acts is often offered for sale on illicit marketplaces on the darknet," said Europol, which worked with the U.S., Greece, Colombia, and 14 other countries, as well as the European Union Agency for Cybersecurity and cybersecurity firms Sansec and Group-IB as part of the operation. Meanwhile, North America- and Europe-based financial entities are expected to account for most of the stolen payment cards used in attacks next year, according to a Recorded Future report. "In 2024, fraudsters will likely combine sophisticated technical solutions, nuanced workflows, and social engineering tactics to bypass rules-based fraud detection," said the report.