443 Websites Infected: EuroPol Urges Caution After Global Skimmer Ring Exposed

compromise payment card data

Europol, in collaboration with law enforcement agencies from 17 countries, undertook a concerted effort to notify 443 online retailers about the compromise of their customers’ payment card data. During a two-month operation led by Greece and supported by Group-IB and Sansec, a vigorous campaign was waged against digital skimming.

The essence of skimming involves hackers implanting tools or malicious software into e-commerce websites to intercept customers’ credit card data during online transactions. This issue has long plagued popular online stores.

Thanks to the efforts of Computer Security Incident Response Teams (CSIRT) and the European Union Agency for Cybersecurity (ENISA), the affected sites were alerted about their utilization in skimming attacks.

Europol points out that such attacks often go unnoticed for extended periods. Stolen payment data are typically sold on the darknet. Consumers often remain unaware that their data has been compromised until malefactors use it for unauthorized transactions, making it difficult to pinpoint the moment of the data breach.

Law enforcement agencies provided technical support to online stores, assisting in the removal of malicious tools and ensuring the safety of customers. Countries participating in the operation included the USA, the UK, Germany, Colombia, Spain, and the Netherlands.

According to a report by Recorded Future, there are 119 million cards for sale on the darknet, potentially leading to losses of $9.4 billion for card issuers and $35 billion in potential refund expenses for sellers and buyers in 2023. In 2022, skimmers compromised 45.6 million payment card records.

Among the stores targeted by skimmers in 2023, restaurants (comprising 18.5% of all victims), auto parts dealers, clothing stores, and others were notably affected. The USA leads in the number of cards available on the darknet, with more than 50 million, a figure not exceeded by any other country or region by more than 2.5 million.

It is anticipated that in 2024, fraudsters will refine their methods, continuing to employ both traditional and new means of card theft. Cards stolen from financial institutions in North America and Europe will continue to dominate sales. The report suggests that in 2024, cybercriminals will employ sophisticated technical solutions, finely tuned processes, and social engineering methods to circumvent fraud detection systems.