Running a customer-facing business that handles monetary transactions is stressful enough without threat actors hacking your business network to carry out E-Skimming.
E-Skimming is the practice of placing skimming code on e-commerce payment processing webpages to capture credit card, debit card, or other personally identifiable information (PII).
Speaking at the Data Connectors Cybersecurity Conference on Aug. 29, U.S. Secret Service Supervisory Special Agent Mark Grantz offered information from the Secret Service, FBI, and the Cybersecurity and Infrastructure Security Agency on how to prevent E-Skimming and how it should be treated.
Grantz wants the perception of threat actors to change from “hackers in hoodies” to considering them businesspeople who try to determine the return on investment when deciding to commit a cybercrime.
“Some of them, yeah, they do live in their mom’s basement … Ultimately their initiative—their thought process—going in the same as everybody else,” Grantz said when discussing hackers determining a return on investment. “How much is this going to cost me to develop versus where is my profit.”
Warning signs Grantz said to watch for include unauthorized admin users, unexpected activity, new domains, and modified code. Educating employees was at the top of the list for ensuring cybersecurity integrity. That involves using two-factor authentication and changing default credentials and settings frequently.