Online Fraud
.docx
keyboard_arrow_up
School
Southern New Hampshire University *
*We aren’t endorsed by this school
Course
659
Subject
Information Systems
Date
Jan 9, 2024
Type
docx
Pages
5
Uploaded by Pebbles019021 on coursehero.com
1
Running Head: ONLINE FRAUD Online Fraud
Arkeela Mitchell
SNHU: IT-659 Cyberlaw and Ethics
Professor Peter Mylonakos
August 13, 2023
2
ONLINE FRAUD Online Fraud Online fraud is a cybercrime involving deceiving or tricking individuals of their assets, cash, or identity via the web or email. Hiding or giving inaccurate information, phishing, hacking, or other operations that exploit the weaknesses or flaws of online platforms and individuals are all examples of online fraud. Individuals, businesses, and organizations can all be
victims of online fraud. An organization may experience several problems because of a breach. A breach may result in losing personal information, including customer names, addresses, and bank account numbers. The breach could occur at any time and go undetected. Many breaches are not discovered until weeks after the event has occurred. Some breaches do not get reported for months. The company must work harder to resolve the problem if a breach remains unreported for months.
Breach Analysis Founded in 1858 by Rowland Hussey Macy, Macy's (formerly R. H. Macy & Co.) is one of the world's leading department stores (
Welcome to the Home of Iconic Brands
, n.d.). In October 2019, Macy's website suffered a security breach, exposing consumers' personal information (Humphries, 2019). Malicious code was inserted into the "Checkout' and "My Wallet" pages of the department store's website, which collected personal information from customers (Humphries, 2019). The malicious code allowed hackers to access the data of anyone who visited those pages, including full names, addresses, credit card numbers, and other sensitive information. Several major bank issuers, including Mastercard, Discover, Visa, and American Express were informed about the data compromise. In an email statement, a Macy's
3
ONLINE FRAUD spokeswoman said that only a small percentage of its customers were affected by the problem (Humphries, 2019). It was unclear the number of customers that were affected. Cause
The breach was identified as a Magecart attack. It occurs when cybercriminals steal information from your online payment forms, such as credit card numbers and personal identifying information (PII) (
What is Magecart, 2023). In e-commerce, magecart hackers steal payment information by using online skimming techniques. The Magecart attack may target your
client-side supply chain or attack your site directly. Many websites use third-party apps to enhance their functionality. Nearly 98% of websites use client-side JavaScript (
What is Magecart, 2023). When a cybercriminal exploits a coding flaw in vendor code, the infection spreads to all websites that use the affected code. Essentially, if you have integrated their JavaScript code into your payment form, an infection in Magento or another third-party platform is an infection in your payment form.
Resolution
Hackers can plant and conceal skimmers using sophisticated tactics. The contents of scripts such as Magecart can be analyzed using browser developer tools (Strom, 2021). Free website scanners are available online that can detect suspicious connections. To protect your supply chain against threats like Magecart, Trustwave SpiderLabs researchers suggest the following measures (Strom, 2021):
First, identify all the company's e-commerce and internet marketing partners, and mandate that they conform to code self-assessments.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help