Online Fraud

.docx

School

Southern New Hampshire University *

*We aren’t endorsed by this school

Course

659

Subject

Information Systems

Date

Jan 9, 2024

Type

docx

Pages

5

Uploaded by Pebbles019021 on coursehero.com

1 Running Head: ONLINE FRAUD Online Fraud Arkeela Mitchell SNHU: IT-659 Cyberlaw and Ethics Professor Peter Mylonakos August 13, 2023
2 ONLINE FRAUD Online Fraud Online fraud is a cybercrime involving deceiving or tricking individuals of their assets, cash, or identity via the web or email. Hiding or giving inaccurate information, phishing, hacking, or other operations that exploit the weaknesses or flaws of online platforms and individuals are all examples of online fraud. Individuals, businesses, and organizations can all be victims of online fraud. An organization may experience several problems because of a breach. A breach may result in losing personal information, including customer names, addresses, and bank account numbers. The breach could occur at any time and go undetected. Many breaches are not discovered until weeks after the event has occurred. Some breaches do not get reported for months. The company must work harder to resolve the problem if a breach remains unreported for months.   Breach Analysis Founded in 1858 by Rowland Hussey Macy, Macy's (formerly R. H. Macy & Co.) is one of the world's leading department stores ( Welcome to the Home of Iconic Brands , n.d.). In October 2019, Macy's website suffered a security breach, exposing consumers' personal information (Humphries, 2019). Malicious code was inserted into the "Checkout' and "My Wallet" pages of the department store's website, which collected personal information from customers (Humphries, 2019). The malicious code allowed hackers to access the data of anyone who visited those pages, including full names, addresses, credit card numbers, and other sensitive information. Several major bank issuers, including Mastercard, Discover, Visa, and American Express were informed about the data compromise. In an email statement, a Macy's
3 ONLINE FRAUD spokeswoman said that only a small percentage of its customers were affected by the problem (Humphries, 2019). It was unclear the number of customers that were affected. Cause The breach was identified as a Magecart attack. It occurs when cybercriminals steal information from your online payment forms, such as credit card numbers and personal identifying information (PII) ( What is Magecart, 2023). In e-commerce, magecart hackers steal payment information by using online skimming techniques. The Magecart attack may target your client-side supply chain or attack your site directly. Many websites use third-party apps to enhance their functionality. Nearly 98% of websites use client-side JavaScript ( What is Magecart, 2023). When a cybercriminal exploits a coding flaw in vendor code, the infection spreads to all websites that use the affected code. Essentially, if you have integrated their JavaScript code into your payment form, an infection in Magento or another third-party platform is an infection in your payment form. Resolution Hackers can plant and conceal skimmers using sophisticated tactics. The contents of scripts such as Magecart can be analyzed using browser developer tools (Strom, 2021). Free website scanners are available online that can detect suspicious connections. To protect your supply chain against threats like Magecart, Trustwave SpiderLabs researchers suggest the following measures (Strom, 2021):  First, identify all the company's e-commerce and internet marketing partners, and mandate that they conform to code self-assessments.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help