Gift card hack exposed – you pay, they play – Naked Security


Because of Invoice Kearney of Sophos Rapid Response for his work on this text.

In the event you’ve learn the latest Sophos 2021 Threat Report, you’ll know that we intentionally included a bit about all of the malware on the market that isn’t ransomware.

Certain, ransomware understandably hogs the media headlines lately, however cybercriminality goes manner past ransomware assaults.

Certainly, as we’ve famous earlier than, many ransomware incidents occur because of other malware that infiltrated your community first and introduced within the ransomware in a while.

The truth is, many community intrusions don’t contain malware in any respect, as a result of cybercriminals have many different methods of bleeding cash out of your customers, your organization, or each.

Right here’s an instance that the Sophos Rapid Response team got here throughout not too long ago – a opportunistic community intrusion that was a lot much less refined than a typical ransomware or knowledge stealing assault, however harmful and disconcerting however.

Worse nonetheless for the staff of the enterprise, these crooks weren’t particularly after the corporate as an entire, however appeared to assault the community just because it represented a handy manner of hacking away at a number of people on the identical time.

Very merely put, the crooks had been after as many accounts as they might entry to purchase as many present playing cards as they might as shortly as potential.