The FBI, the United States Secret Service, and the Department of Homeland Security have joined forces to mitigate the growing threat of e-skimming attacks.
Halpern: The FBI, the United States Secret Service, and the Department of Homeland Security have joined forces to mitigate the growing threat of e-skimming attacks.
E-skimming happens when a cyber criminal injects malicious code into a website to steal customer payment information and personally identifiable information, or PII, in real time.
Acting Assistant Chief of the FBI’s Cyber Engagement and Intelligence Section L.T. Chu…
L.T. Chu: The compromises occur directly through the company’s website, through its third-party payment vendor. And, and cyber criminals use phishing emails, default, or stolen employee credentials to gain access into the system itself.
Halpern: The FBI and its partners are engaging with e-commerce companies across the country to help them minimize the risk of attacks.
Chu says basic cyber hygiene is a must for these companies.
L.T. Chu: Actively scan and monitor web applications for unauthorized access, conduct network penetration tests on a regular basis, strengthen your credentials requirements, and implement multi-factor authentication, things like that–just to make it harder for the bad guys to get in.
Halpern: Have a cyber incident response plan in place. Report e-skimming attacks at ic3.gov. With FBI, This Week, I’m Mollie Halpern of the Bureau.