Loading…
Thank you for joining us at our 20th Anniversary Event! All sessions were recorded and will be posted in the coming weeks on the OWASP YouTube channel.

We have been working hard to secure the world through challenges and discovery. And now, it’s time to celebrate! Many of you have played a crucial role in the Foundation’s enduring history, and we encourage you to participate in the celebration coming this September! Our theme, Securing the Next 20 Years, is encouraging and exciting as we look ahead to the next 20 years!

Join us for FREE at this live 24-hour global event as we honor the past, celebrate the present, and embrace the future of OWASP and cybersecurity. Hear from world-renowned keynotes and special speakers, and network with your peers. It is FREE to attend, however, registration IS required, to gain access to the session links.

Back To Schedule
Friday, September 24 • 6:00am - 6:30am
Stop the looters: a method to detect digital skimming attacks

Log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Feedback form is now closed.
Abstract:
In 2019 British Airways was fined a remarkable £183 million for a data breach that affected more than 380.000 of its customers. Magecart, the hacking group behind the attack, specializes in credit card theft and British Airways have not been their only victim. Ticketmaster, Forbes, Newegg and numerous online webshops have suffered security breaches by digital skimmers.

In the real world, a skimmer is a physical device inserted at payment terminals in order to harvest credit card data. Digital skimming is usually done through javascript code injected in a webpage where victims visit to fill in payment, or other types of sensitive data.

So how do you detect an attack? Is there an easy method to monitor javascript and deter digital skimmers? In this talk I will be presenting exactly this: a method to audit your javascript in order to stop digital skimmers from looting your websites.
Speakers
avatar for Nikolaos Alexiou

Nikolaos Alexiou

IT Security Specialist, Skandia
Nikolaos (Nikos) Alexiou is an application security specialist based in Stockholm, Sweden. He is a leader of the OWASP Stockholm local chapter and has a software developer background. He holds a master in Information Systems and has published his research work in academic conferences... Read More →

Friday September 24, 2021 6:00am - 6:30am EDT
On-Line
  OWASP Standard Classification

Attendees (159)