• Latest

PrismWeb Fraud Attack: Hackers Steal Student Payment Data from 197 American & Canadian Universities

May 13, 2019
Fraugster launches a new Alternative Credit Decisions solution to support BNPLs and Enterprise merchants to approve more customers without increasing credit risk

Fraugster launches a new Alternative Credit Decisions solution to support BNPLs and Enterprise merchants to approve more customers without increasing credit risk

May 20, 2022
ICCL report on scale of Real-Time Bidding data broadcasts in the U.S. and Europe

ICCL report on scale of Real-Time Bidding data broadcasts in the U.S. and Europe

May 16, 2022
New Podcast Episode: Walls of Thieving Cellphones with Nethone

How to protect websites and web apps from the entire lifecycle of automated attacks: An interview with the CTO of PerimeterX

May 20, 2022
Buy Now, Pay Later Fraud: How to Stop Chargebacks

Buy Now, Pay Later Fraud: How to Stop Chargebacks

May 6, 2022
Retailers losing out on £4.3million in sales each day as new SCA rules block non-compliant online transactions

Retailers losing out on £4.3million in sales each day as new SCA rules block non-compliant online transactions

April 29, 2022
AuthenticID Announces Partnership with Milk & Honey Labs

AuthenticID Announces Partnership with Milk & Honey Labs

April 28, 2022
New Podcast Episode: Walls of Thieving Cellphones with Nethone

New Podcast: How to properly conduct fraud prevention A/B testing & safely sell high-ticket items

May 9, 2022
SEON Raises $94 Million Series B to Address Exponential Growth of Online Fraud

SEON Raises $94 Million Series B to Address Exponential Growth of Online Fraud

April 20, 2022
New Podcast Episode: Walls of Thieving Cellphones with Nethone

New Podcast: Stopping Ransomware & Cyptocurrency Fraud In an Unregulated World

April 19, 2022
Silverfort Raises $65m Series C for World’s First Unified Identity Threat Protection Platform

Silverfort Raises $65m Series C for World’s First Unified Identity Threat Protection Platform

April 18, 2022
RaidForums Shutdown by the United States Department of Justice

RaidForums Shutdown by the United States Department of Justice

April 12, 2022
Types of Buy Now Pay Later Fraud

Types of Buy Now Pay Later Fraud

April 11, 2022
  • Contribute
  • Contact Us
  • About
  • Join Us
  • Advertise
Friday, May 20, 2022
Merchant Fraud Journal
  • Home
  • Articles
    • Chargebacks
    • Fraud Prevention
    • Influencer Insights
  • Resources
    • Recorded Webinars
    • Podcasts
    • Vendor Directory
    • eCommerce Fraud Reports
    • Training and Certifications
    • Jobs Board
    • Associations and Non-Profits
  • News
No Result
View All Result
  • Home
  • Articles
    • Chargebacks
    • Fraud Prevention
    • Influencer Insights
  • Resources
    • Recorded Webinars
    • Podcasts
    • Vendor Directory
    • eCommerce Fraud Reports
    • Training and Certifications
    • Jobs Board
    • Associations and Non-Profits
  • News
No Result
View All Result
Merchant Fraud Journal
No Result
View All Result

PrismWeb Fraud Attack: Hackers Steal Student Payment Data from 197 American & Canadian Universities

by Bradley
May 13, 2019
in News

typographyimages / Pixabay

Hackers from the Mirrorthief group used a “Magecart” style attack on the PrismWeb eCommerce platform to successfully steal the payment card details from the e-commerce systems of 201 American and Canadian universities. The information stolen includes cardholder names, as well as card numbers, expiration dates, and card verification number’s (CVN). The number of accounts compromised is not currently known.

TrendMicro, a cyber threat and vulnerability company, uncovered the hack.

Magecart attacks place malicious JavaScript code directly onto the checkout pages of eCommerce stores. The code gives fraudsters the ability to collect the data entered onto the pages by shoppers, which can then be re-sold to cyber thieves on the dark web.

“The attacker injected their skimming script into the shared JavaScript libraries used by online stores on the PrismWeb platform,” TrendMicro said in a statement. “We confirmed that their scripts were loaded by 201 campus book and merchandise online stores, which serves 176 colleges and universities in the U.S. and 21 in Canada. The amount of payment information that was stolen is still unknown.”

TrendMicro brought the vulnerability to the attention to PrismRBS, the owner of the PrismWeb platform. In a statement, PrismRBS claims they fixed the problem, and is now taking steps to contact affected customers and inform them their data was compromised.

“We are proactively notifying potentially impacted customers to let them know about the incident, the steps we are taking to address the situation, and steps they can take to protect their end users. We deeply regret any concern or frustration this incident may cause,” the statement said.

Magecart eCommerce fraud attacks are currently on the rise across the internet. However, TrendMicro states their research did not uncover any relationship between this attack and any previously known cybercrime groups. And in a deviation from the norm, the attack specifically targeted the PrismWeb platform and not online payment forms generally.

In its statement, TrendMicro also suggested online fraud prevention best practices merchants can use to protect themselves against Magecart attacks.

“Website owners should regularly check and strengthen their security with patches and server segregation, employ robust authentication mechanisms, restrict or disable outdated components, and habitually monitor websites and applications for any indicators of suspicious activity,” the company said.

Source:

https://blog.trendmicro.com/trendlabs-security-intelligence/mirrorthief-group-uses-magecart-skimming-attack-to-hit-hundreds-of-campus-online-stores-in-us-and-canada/

ShareTweetShareSend
Previous Post

Ecommerce Fraud Trends 2019

Next Post

Checkout.com Raises $230m Series A Round of Funding

Next Post
Checkout.com Raises $230m Series A Round of Funding

Checkout.com Raises $230m Series A Round of Funding

Our Sponsors

Our Latest Report

Get the 2022 Fraud Trends Report

MFJ 2022 Fraud Trends Report

Search Our Site

No Result
View All Result

Featured Directory Listings

  • SEON. Fraud Fighters
  • Microsoft Dynamics 365 Fraud Protection
  • Ekata
  • sift logo
    Sift
  • nSure.ai logo
    nSure.ai
  • logo
    NoFraud
  • Pipl
  • Spotrisk
  • PayRetailers

Our Sponsors

Fraud Industry News

Fraugster launches a new Alternative Credit Decisions solution to support BNPLs and Enterprise merchants to approve more customers without increasing credit risk

Fraugster launches a new Alternative Credit Decisions solution to support BNPLs and Enterprise merchants to approve more customers without increasing credit risk

May 20, 2022
ICCL report on scale of Real-Time Bidding data broadcasts in the U.S. and Europe

ICCL report on scale of Real-Time Bidding data broadcasts in the U.S. and Europe

May 16, 2022
New Podcast Episode: Walls of Thieving Cellphones with Nethone

How to protect websites and web apps from the entire lifecycle of automated attacks: An interview with the CTO of PerimeterX

May 20, 2022

Connect With Us

Quick Navigation

  • Home
  • News
  • Join Us
  • About Us
  • Contact Us
  • Advertise
  • Contribute
  • Privacy Policy

Privacy Policy

Our Privacy Policy
Our Terms of Use

Resources

  • Articles
  • eCommerce Fraud Reports
  • eCommerce Fraud Webinars
  • Training and Certifications
  • Jobs Board
  • Associations and Non-Profits
  • Podcasts
  • Vendor Directory

Popular Posts

  • How Does Two-Factor Authentication (2FA) Work?

    How Does Two-Factor Authentication (2FA) Work?

    0 shares
    Share 0 Tweet 0
  • How to File a Claim With FedEx + What To Do If Claim is Denied

    0 shares
    Share 0 Tweet 0
  • Top eCommerce Fraud Prevention Companies

    0 shares
    Share 0 Tweet 0
  • Ebay PayPal Scam Strikes Merchants

    0 shares
    Share 0 Tweet 0

Featured Vendors

  • Sift
  • Pipl
  • Ekata
  • Spotrisk
  • NoFraud
  • Microsoft Dynamics 365 Fraud Protection
  • nSure.ai
  • PayRetailers
  • SEON. Fraud Fighters

Download the 2022 Fraud Trends Report

No Result
View All Result
  • About Merchant Fraud Journal
    • Advertise on Merchant Fraud Journal
    • Interested in Contributing or Guest Posting to Merchant Fraud Journal?
  • Articles
    • Chargebacks
    • Fraud Prevention
    • Influencer Insights
  • Contact Us
  • Download Evolving Complexities of Payment Fraud Report
  • Download the 2020 Chargeback and Representment Report
  • Download the 2020 Merchant Fraud Journal Vendor Guide
  • Download the 2021 Fraud Trends Report
  • Download the 2022 Fraud Trends Report
  • Download the 3 Ways a Unified Chargeback Management and Fraud Platform Increases Revenue Report
  • Download the MFJ 2022 Customer Experience Report
  • Download the MFJ ATO in Retail Report
  • Home
  • Job Dashboard
  • Join The Merchant Fraud Journal Community
  • Merchant Fraud Journal Advertising Agreement
  • MFJ Fraud Trends Report Giveaway
  • News
  • Post a Job
  • Privacy Policy
  • Resources
    • 2020 Chargeback Representment Guide for Merchants
    • 2020 Vendor Guide
    • 3 Ways a Unified Chargeback Management and Fraud Platform Increases Revenue
    • Associations and Non-Profits
    • ATO Fraud In Retail Report
    • Digital Trust & Safety: Combatting the Evolving Complexities of Payment Fraud
    • eCommerce Fraud Reports
    • eCommerce Fraud Webinars
    • Fraud Prevention Training and Certifications
    • Jobs Board
    • Merchant Fraud Journal’s Fraud Trends 2020 Report
    • Merchant Fraud Journal’s Fraud Trends 2021 Report
    • Merchant Fraud Journal’s Fraud Trends 2022 Report
    • MFJ’s 2022 Customer Experience Report
    • Podcasts
    • Prevent High-Velocity Fraud Attacks During the 2021 Holiday Season
    • Vendor Directory
    • Win January Chargeback Disputes
  • Subscribed
  • Terms and Conditions

© 2021 Payments Media Solutions Canada Inc.

Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?