payments

SuperCard X is a new Android malware platform enabling NFC relay attacks, allowing criminals to commit ATM and PoS fraud by intercepting and relaying card details. Targeting Italian banking customers, it employs social engineering tactics through fake apps and deceptive messages that prompt victims to install malicious software. The malware captures card data and relays it to external servers for unauthorized transactions. SuperCard X utilizes sophisticated techniques, including custom app versions and secure communication methods, posing significant financial risks to payment systems. Users are urged to avoid unknown apps and enable protections against malware.

https://thehackernews.com/2025/04/supercard-x-android-malware-enables.html

Cybersecurity researchers at Jscrambler reported a new skimming attack exploiting the Stripe API to steal payment information from e-commerce sites. The method involves injecting malicious JavaScript into checkout pages to capture customer payment details in real-time before they reach Stripe's processing system. This technique poses significant risks to online merchants, with 49 compromised businesses identified so far. To mitigate risks, businesses should monitor for unexpected changes in JavaScript, network requests, and implement real-time webpage monitoring and secure iFrame solutions.

https://www.infosecurity-magazine.com/news/stripe-api-skimming-campaign-new/

Chinese nationals arrested for tap-to-pay fraud using mobile wallets linked to phishing scams. They bought gift cards with stolen credit card info, traveling across states. Authorities recovered over $23,000 in gift cards. Scammers utilize a custom Android app for transactions, leveraging stolen data acquired through sophisticated phishing techniques. This highlights vulnerabilities in mobile wallet security and the evolving tactics of cybercriminals.

https://krebsonsecurity.com/2025/03/arrests-in-tap-to-pay-scheme-powered-by-phishing/

Cybersecurity is crucial in the rapidly growing FinTech sector for safeguarding financial data and combating fraud. As FinTechs innovate, they face significant cybersecurity threats, evidenced by costly data breaches. This article by Vasilii Domnikov outlines solutions for enhancing security, including data encryption, multi-factor authentication, and strategies like tokenization and machine learning for fraud detection. It emphasizes the necessity for compliance with regulations and adapting to evolving cyber threats to maintain consumer trust and ensure operational integrity in financial services.

https://hackernoon.com/cybersecurity-in-fintech-applications-protecting-financial-data-and-preventing-fraud