payments

Cybersecurity in FinTech Applications: Protecting Financial Data and Preventing Fraud

Cybersecurity is crucial in the rapidly growing FinTech sector for safeguarding financial data and combating fraud. As FinTechs innovate, they face significant cybersecurity threats, evidenced by costly data breaches. This article by Vasilii Domnikov outlines solutions for enhancing security, including data encryption, multi-factor authentication, and strategies like tokenization and machine learning for fraud detection. It emphasizes the necessity for compliance with regulations and adapting to evolving cyber threats to maintain consumer trust and ensure operational integrity in financial services.

https://hackernoon.com/cybersecurity-in-fintech-applications-protecting-financial-data-and-preventing-fraud

How Phished Data Turns Into Apple & Google Wallets

Chinese phishing groups exploit stolen card data to create mobile wallets (Apple/Google Wallets) for fraud. Phishing messages, likening to legitimate service alerts, gather victim data via fake sites, leading users to give one-time verification codes. This links their cards to wallets controlled by scammers. Criminals cash out using real and virtual means, including a ghost tap app that enables distant NFC transactions. Despite improved security via chip cards, phishing techniques have evolved, grossing potential losses of $15 billion annually. Enhanced authentication methods are needed to combat this surge in digital wallet fraud.

https://krebsonsecurity.com/2025/02/how-phished-data-turns-into-apple-google-wallets/

Hackers Exploit Google Tag Manager to Deploy Credit Card Skimmers on Magento Stores

Hackers are using Google Tag Manager to insert credit card skimmer malware in Magento e-commerce sites. A security report by Sucuri identified obfuscated scripts masquerading as typical GTM code that provides attackers with backdoor access. The malware, stored in the Magento database, harvests user data during checkout and sends it to the attackers’ servers. This abuse of GTM for malicious purposes isn't new, with similar incidents reported since 2018. Recently, two Romanian nationals were charged for their involvement in a payment card skimming operation.

https://thehackernews.com/2025/02/hackers-exploit-google-tag-manager-to.html

MasterCard DNS Error Went Unnoticed for Years

MasterCard fixed a major domain name server error that allowed potential interception of its Internet traffic due to a typo that went unnoticed for nearly five years. A security researcher, Philippe Caturegli, registered the misspelled domain for $300 to prevent exploitation. Although MasterCard asserted there was no real threat, Caturegli argued that the misconfiguration posed significant risks, potentially enabling Man-in-the-Middle attacks. After notifying MasterCard, he faced backlash for publicly disclosing the error, suggesting a need for better corporate acknowledgment of security vulnerabilities.

https://krebsonsecurity.com/2025/01/mastercard-dns-error-went-unnoticed-for-years/

New PhishWP Plugin Enables Sophisticated Payment Page Scams

New PhishWP plugin enables creation of fake payment pages, allowing cybercriminals to steal sensitive data. It mimics trusted services like Stripe, collecting credit card info and OTPs, sending this data to attackers via Telegram. PhishWP can compromise existing WordPress sites or create fraudulent ones, making scams difficult to detect. It features customizable checkouts, data collection capabilities, and real-time data transmission, posing a significant security threat. Experts recommend using advanced phishing protection tools to combat such scams.

New PhishWP Plugin Enables Sophisticated Payment Page Scams

Ghost Tap: New Cash-out Tactic with Nfc Relay

Ghost Tap: New cash-out tactic using NFC Relay
Fraudsters adopt “Ghost Tap”, relaying NFC traffic for cash-outs using stolen card details linked to mobile payments. This technique, leveraging NFCGate, enables cybercriminals to perform transactions anonymously at retail locations, enhancing scalability. Detection challenges arise due to transaction patterns and lack of device presence at POS terminals, necessitating improved anti-fraud measures in financial institutions to combat this emerging threat.

Ghost Tap: New cash-out tactic with NFC Relay

Scroll to Top