Latest Fraud Schemes in Retail, Hospitality, and Gaming

Researchers estimate that as many as 80% of people reuse passwords across multiple accounts. With more than 13 billion compromised credentials for sale on the dark web, many organizations are highly exposed and do not even know it.

In this session, you will learn how to protect your organization from compromised credentials even before they hit the Dark Web while providing a simplified password experience for your users.

Major attacks, breaches, exploits, and malware are nearly a daily occurrence. The problem is two-fold, attacks are getting cheaper to perform and the value of stolen credentials is increasing daily. In this session, Jarrod Overson, Director at Shape Security, will reveal how cheap modern attacks have become and how cybercriminals bypass defenses like CAPTCHAs and browser fingerprints.

You will learn:

- Why attackers are hyper-incentivized due to the dirt-cheap cost of attacks
- How attacks have evolved over time and insights into where attacks are going
- What cybersecurity and development teams must change to reflect the realities of attackers that won’t quit

Magecart and other malicious JavaScript attacks have defeated CDN, WAFs, and many other security measures because of how and when they execute their code. These breaches have occurred at everything from small eCommerce sites to so of the biggest brands in the world.

In this session, you will learn the top 5 ways Magecart attacks are executed, how to assess your current threat surface level, and how to lock them down.

Cyber attackers continue to retool, learn and develop more and more sophisticated techniques. Seeing the complete picture and having an understanding of how attackers evolve from rudimentary automated attacks to manual fraud fuelled by malware will help you ensure your organization is well prepared.

In this session, you will get a complete overview of attacker modes of operation.

Every day there is a cat and mouse game security professional play with attackers trying to make an illicit profit at your company’s or your customers’ expense. Understanding where we have come from can give you clues and ideas about what attackers will do next and how to be one step ahead of the pack.

In this session, you will learn about the evolution and economics of credential stuffing and how to make yourself a hard target that is just worth the effort.

Understand and prepare for the new threats and trends before you see them in the news.

In this session, you will learn key emerging trends and gain insights into how you can stay ahead of hackers and use security to help reduce customer friction and grow your business.

Financial aggregators deliver single-pane visibility to over 100 million consumer accounts. Plaid, Mint, and Yodlee, and to name some well-known examples, are considered top-tier aggregators.

While Financial aggregators are innovative, they can also create unintended challenges and risks.

Join us for this webinar as Sumit Agarwal, Co-Founder and COO at Shape Security, reveals the techniques and strategies that Fortune 500 Banks use to partner with aggregators and better serve clients.

Join threat intelligence lead Mengmeng Chen as she reveals ‍the 3 most expensive types of eCommerce fraud schemes that businesses battle every day.

You'll learn:

- Analysis of attack data during sales promotions
- Best practices from Top 10 Retailers
- Top 3 retail attack techniques

Captcha's are good for two things: Increased user friction and decreased conversion rates.

Learn from Dan Woods how cybercriminals and malicious actors can quickly bypass Captcha's on your website.

One of the most common ways cybercriminals perform account takeovers is via credential stuffing.

To learn more about this threat, Dan Woods, former FBI Special Agent, and VP Shape Intelligence will demonstrate how the Selenium Webdriver tool is used to perform credential stuffing attacks.

Captcha's are good for two things: Increased user friction and decreased conversion rates.

Learn from Dan Woods how cybercriminals and malicious actors can quickly bypass Captcha's on your website.

While the holidays bring us an excess of joy and hot chocolate, security teams are faced with a substantial increase in cyber attacks. Hot products in demand bring scammers, scalpers, and bad bots.

Join us for this live webinar as Jarrod Overson, Director of Engineering at Shape Security, breaks down three of the most popular and costly cyber attacks and what you can do to keep these attacks from ruining the holidays.

In this webinar, we will discuss in detail:

- Credential Stuffing & Password Spraying
- E-Skimming or Magecart Style Attacks
- Scalping

While the holidays bring us an excess of joy and hot chocolate, security teams are faced with a substantial increase in cyber attacks. Hot products in demand bring scammers, scalpers, and bad bots.

Join us for this live webinar as Jarrod Overson, Director of Engineering at Shape Security, breaks down three of the most popular and costly cyber attacks and what you can do to keep these attacks from ruining the holidays.

In this webinar, we will discuss in detail:

- Credential Stuffing & Password Spraying
- E-Skimming or Magecart Style Attacks
- Scalping

How do cybercriminals defeat the “we don’t recognize your device” response from a website? Genesis: The digital fingerprint marketplace. While getting access to Genesis is invite-only, the Shape Intelligence team found a way in and we’d love to show you what’s behind the curtain!

Join us for this brief webinar as Dan Woods, VP of Shape Intelligence Center and former FBI agent, gives you a step-by-step walk-through of the Genesis marketplace in under 10 minutes.

Up to 99 percent of the traffic on retail and eCommerce login forms is due to account takeover (ATO) attempts. In this webinar, Shape Security’s Threat Intel Analyst Smriti Kawal Jaggi will explain how attackers use both online and offline methods to target individuals and monetize successful ATOs with actual use cases from retail, hospitality, telco, and gaming industries. Learn about what attackers really do with compromised accounts from Shape Security’s Intelligence Center.

Key Takeaways:

- Hear about the size of the automation threat facing the retail industry and the associated losses
- Learn how social engineering is used more than ever as a fraud tool to leverage PII against individuals and the business they patron
- Discover how credential stuffing attacks are used to steal gift cards, commit return fraud, and test stolen credit cards

Most website visitors aren’t humans, but instead bots–or, programs built to do automated tasks. While there are good bots like chatbots and search engines, there are a lot more bad bots, that malicious attackers use to commit fraud while simultaneously killing customer experience.

In this webinar, Amy DerMartine, Vice President, Research Director at Forrester, will discuss the effects of bad bots and how to combat these bad actors.

You will learn:

- How bots are quickly evolving to mimic human behavior or are being used alongside real humans
- The targets and various types of attacks from bad bots
- What organizational issues you should consider and tools to use to manage bot traffic

Major attacks, breaches, exploits, and malware are nearly a daily occurrence. The problem is two-fold, attacks are getting cheaper to perform and the value of stolen credentials is increasing daily. In this session, Jarrod Overson, Director at Shape Security, will reveal how cheap modern attacks have become and how cybercriminals bypass defenses like CAPTCHAs and browser fingerprints.

You will learn:

Why attackers are hyper-incentivized due to the dirt-cheap cost of attacks
How attacks have evolved over time and insights into where attacks are going
What cybersecurity and development teams must change to reflect the realities of attackers that won’t quit

How Barney's New York addressed fraud, shoe bots, and improved customer experience, retention, and loyalty.

According to the FBI report in 2014, botnets have caused over $9 billion in losses to U.S. victims and over $110 billion in losses globally. Bots are rapidly proliferating globally at a rate of 18 machines per second. These bots are being used by organized crime to carry out website attacks such as credential stuffing attacks leading to large-scale account hijacking and widespread online fraud. Attend this webinar to learn about bots, botnets, and automated attack ecosystem from Shape’s Shuman Ghosemajumder, who is also the former head of product management for click fraud protection at Google.

Why you should attend:
- Learn about the evolving bot and botnet landscape
- Understand how bots are used to carry out website attacks and fraud
- Evaluate strategies to protect your website from bots