Attending this event?
We have been working hard to secure the world through challenges and discovery. And now, it’s time to celebrate! Many of you have played a crucial role in the Foundation’s enduring history, and we encourage you to participate in the celebration coming this September! Our theme, Securing the Next 20 Years, is encouraging and exciting as we look ahead to the next 20 years!

Join us for FREE at this live 24-hour global event as we honor the past, celebrate the present, and embrace the future of OWASP and cybersecurity. Hear from world-renowned keynotes and special speakers, and network with your peers. It is FREE to attend, however, registration IS required, so please register today!

Back To Schedule
Friday, September 24 • 6:00am - 6:30am
Stop the looters: a method to detect digital skimming attacks

Log in to save this to your schedule, view media, leave feedback and see who's attending!

In 2019 British Airways was fined a remarkable £183 million for a data breach that affected more than 380.000 of its customers. Magecart, the hacking group behind the attack, specializes in credit card theft and British Airways have not been their only victim. Ticketmaster, Forbes, Newegg and numerous online webshops have suffered security breaches by digital skimmers.

In the real world, a skimmer is a physical device inserted at payment terminals in order to harvest credit card data. Digital skimming is usually done through javascript code injected in a webpage where victims visit to fill in payment, or other types of sensitive data.

So how do you detect an attack? Is there an easy method to monitor javascript and deter digital skimmers? In this talk I will be presenting exactly this: a method to audit your javascript in order to stop digital skimmers from looting your websites.

avatar for Nikolaos Alexiou

Nikolaos Alexiou

IT Security Specialist, Skandia
Nikolaos (Nikos) Alexiou is an application security specialist based in Stockholm, Sweden. He is a leader of the OWASP Stockholm local chapter and has a software developer background. He holds a master in Information Systems and has published his research work in academic conferences... Read More →

Friday September 24, 2021 6:00am - 6:30am EDT
Feedback form isn't open yet.