European Payments Council: 2017 Payment threats and fraud trends report
04 December 2017
The 2017 Payment threats and fraud trends report provides an overview of the most important threats in the payments landscape. It further contains an early warning concerning threats related to virtual currencies.
It includes:
-
denial of service attacks,
-
social engineering and phishing,
-
malware,
-
advanced persistent threats (i.e. sophisticated targeted malicious attacks aimed to a specific individual, company, system or software, based on some specific knowledge regarding the target),
-
mobile device related attacks,
-
botnets (i.e. a network of private computers infected with malicious software and controlled as a group),
-
threats related to cloud services and big data,
-
threats related to internet of things.
For each threat, apart from a definition and description, an analysis is made on the impact and context and suggested controls and mitigations are described. A summary listing the threats with the main controls and mitigation measures is provided in an annex.
The report further contains a section that elaborates on fraud related to payment instruments (cards, SEPA Credit Transfers and SEPA Direct Debits), while general conclusions are presented in the final section.
The report attempts to create awareness in order to allow stakeholders involved with payments to decide on possible actions in this respect.
Full report
© EPC