Posted 24 Apr 2019
New York, NY - April 24, 2019 – SecurityScorecard, the leader in security ratings, today released a new report titled Payment Card Fraud & the Financial Crime Ecosystem. SecurityScorecard’s threat intelligence team analyzed Dark Web marketplaces, forums and other vehicles for acquiring payment card data and identified a variety of methods cyber criminals employ to steal cardholder data from financial services institutions, merchants and others.
Despite the increase in compliance requirements, fraud and security incidents continue to occur with growing frequency. In fact, Dark Web marketplaces continue to keep pace with attempted mitigations that the financial industry puts in place. Just as merchants and payment processors use third-party vendors to enable business operations, the underground marketplace relies on a network of third party vendors to enable business operations. As a result, the entire financial services ecosystem is wrought with countless forms of payment card fraud risks.
“The underground ecosystem works similarly to legitimate businesses, even though it services semi-organized criminal groups,” said Alex Heid, Chief Research Officer, SecurityScorecard. “In addition to stealing cardholder data, cybercriminals are tasked with monetizing the data within this criminal ecosystem. Much like legitimate business, the success of these endeavors is based on reputation and previous experiences. Financial services organizations need to have a solid understanding of this underground ecosystem to create a comprehensive strategy for protecting cardholder data and minimizing institutional losses that originate from fraud.”
Sample of Sources of Compromised Data:
Headquartered in the heart of New York City, SecurityScorecard's vision is to create a new language for measuring and communicating security risk. The company was founded in late 2013 by Dr. Aleksandr Yampolskiy and Sam Kassoumeh, two former cybersecurity practitioners who had served, respectively, as Chief Information Security Officer and Head of Security and Compliance. With cloud solutions becoming an increasingly integral part of the security technology stack Yampolskiy and Kassoumeh recognized the need to address third- and fourth-party risk as well as better understand the security capabilities of their business partners. Since its founding, the company has grown dramatically and now counts hundreds of leading brands as customers. SecurityScorecard is backed by leading venture capital investors including Sequoia Capital, GV, NGP Capital, Evolution Equity Partners, Boldstart Ventures, AXA Venture Partners among others. For more information, visit securityscorecard.com.
No waiting, 100% Free
Get your free scorecard and learn how you stack up across 10 risk categories. Answer a few simple questions and we'll instantly send your score to your business email.