BEGIN:VCALENDAR VERSION:2.0 PRODID:-//Talks.cam//talks.cam.ac.uk// X-WR-CALNAME:Talks.cam BEGIN:VEVENT SUMMARY:Netcraft: Credit card skimming for fun and profit - Graham Edgecom be DTSTART:20191111T130000Z DTEND:20191111T150000Z UID:TALK133651@talks.cam.ac.uk CONTACT:Christine Georgiou DESCRIPTION:Netcraft is running an interactive workshop where you can lear n about JavaScript-based credit card skimming and put your new skills into practice. If you would like to attend\, please "register for the event": https://docs.google.com/forms/d/e/1FAIpQLSdkgMpKPFQ2NDVpeYdh5qRF4NWEqCeMs3 mT3eozahALVKDT6g/viewform.\n\nEach team is a seafood wholesaler entering t he online market for the first time\, having just bought a very vulnerable WooCommerce-based online shop from a cheap web design firm. However\, it' s a cut-throat industry\, and a competitor has broken into your shop to in stall a JavaScript-based credit card skimmer.\n\nRecognizing the opportuni ty to make a fortune\, your challenge is to join in the fun and break into your competitors' sites to install credit card skimmers\, while simultane ously defending your own shop from your peers.\n\nThe team that makes the most profit will be declared the winner.\n\nJavaScript-based credit card s kimming is becoming increasingly popular.\nCriminals break into online sho pping websites and insert small snippets of JavaScript that capture card n umbers as they are typed in\, sometimes receiving them before the legitima te site even processes the payment. Unlike traditional phishing websites\, it is impossible for a user to spot the presence of a skimmer.\n\nNetcraf t discovered over 3\,600 infections in July 2019 and is currently tracking over 6\,000 infected sites. Notable examples include Puma\, Misfit Watche s\, Uniqlo and a variety of Premier League football teams.\n\nLast year\, skimmers were discovered on British Airways' and Ticketmaster's websites\, claiming an estimated 380\,000 and 40\,000 victims respectively. British Airways was subsequently fined £183 million for the breach.\n\nTo take pa rt\, bring your own laptop with a web browser and an SSH client (e.g.\nPut ty http://www.chiark.greenend.org.uk/~sgtatham/putty/ for Windows users\; OpenSSH for Linux/Mac users).\n\nPizza and soft drinks will be provided at the event. To give an accurate idea of how many staff Netcraft should bri ng and how much pizza we should buy\, "RSVP here":https://docs.google.com/ forms/d/e/1FAIpQLSdkgMpKPFQ2NDVpeYdh5qRF4NWEqCeMs3mT3eozahALVKDT6g/viewfor m. LOCATION:FW26\, Computer Laboratory END:VEVENT END:VCALENDAR