Skip to main navigation Skip to main content

  1. Home
  2. Insight Series
  3. Payment Security
  4. Cyber fraud: Lessons learned from 2018


Cyber fraud: Lessons learned from 2018

Facebook, British Airways, T-Mobile – high profile data breaches involving millions of people’s personal and financial data consumed the news in 2018. With ever more sophisticated cyber threats targeting individuals and businesses, this advanced fraud is only set to become more sophisticated.

But it’s not all doom and gloom. The more you understand cyber threats, the better prepared you can be to stop them. We’ve rounded up some of the most important learnings, from some of the leading cybersecurity players, to help keep your business safe from cyber-attacks in 2019.

On average, Symantec reports that 4,818 unique websites were compromised by formjacking code every month last year.

While household names are splashed across the headlines, Symantec says "it is often small and medium sized retailers selling goods ranging from clothing to gardening equipment to medical supplies, that have had formjacking code injected onto their websites.”

With consumers increasingly buying through the internet, this type of fraud looks set to stay, so investing in anti-formjacking security checks could be the next priority for businesses.

How is merchant fraud evolving?

Credit card and banking malware

Credit card theft has long been a problem for individuals and businesses, but it’s recently reached new heights of sophistication.

McAfee’s 2018 report found that e-commerce malware – malicious code on payment platforms – had overtaken point-of-sale fraud as cyber criminals’ preferred method of attack.

Banking malware also continues to be a constant threat, with more and more spam campaigns managing to bypass email protection systems and compromise banking details.

Anti-fraud measures to try and protect against credit-card and banking malware include:

  • geographic IP location checks for online payments
  • two-factor authentication for online banking actions

Two-factor authentication is part of the PSD2’s Strong Customer Authentication, which officially comes into force on 14th September 2019. Make sure your business is ready for the new legislation, read our guide to Strong Customer Authentication.

2018 Cyber threats and attacks in figures

Email threats

Email threats have been on the rise since 2015, and last year was no different – Symantec found that numbers of phishing, spam and malware were still on the up.

According to Symantec, 55% of emails in 2018 were registered as spam, showing just important a good spam filter is. But don’t just rely on your junk inbox to catch these threats. 48% of all malicious email attachments came from Microsoft Office files. These might look innocent, but it’s worth having an internal checking system to verify links before you unwittingly download a virus.

Symantec’s cyber security report also found that the malicious email rate for smaller companies was much higher (one in every 323 emails) than bigger organisations (one in every 556 emails). If you’re a small business, investing in a rigorous email security system gives you a much better chance to avoid falling prey – saving a lot of time and money in the long run.

Spear phishing is a favourite among cyber criminals because of its success rate. Antivirus and internet security software provider, Kaspersky Lab predict spear phishing will continue to be popular in the future. Relying on human interaction to avoid automatic fraud detection systems, spear phishing usually hooks targets with a legitimate looking or sounding communication. Unfortunately, that means data breaches – especially on social media platforms – fuel spear phishing by giving cyber criminals an even more targeted opportunity.

As with email threats, additional authentication is highly recommended. It won’t affect day-to-day operations too much, and could save you from a potentially devastating data breach.

Over the past few years, supply chain attacks have been steadily mounting, and Symantec report an increase of 78% last year. They’re a main draw for cyber criminals because accessing one supply chain could allow access to multiple businesses.

According to Symantec, developers are a main source of attack, allowing cyber criminals to hijack software updates and version controls. It’s a good idea to check the security systems of your third-party web applications, such as review tools or chat, to make sure they can’t be exploited.

Cloud databases

You probably associate cloud data breaches with leaked celebrity photos, but it can also be a serious problem for businesses. In 2018, Symantec reports that more than 70 million records [were] stolen or leaked as a result of poor configuration of Amazon S3 buckets.

Around 42% of UK enterprises depend on the cloud, according to Eurostat. So, if you’re one of them, make sure you’re aware of the risks and taking all precautions to protect your data.

How to protect your business from cyber-attacks in 2019

It’s impossible to know exactly what the new cyber criminal trends will be this year, but here are some simple steps to help protect your business from future cyber-attacks:

Credit card and banking malware:

  • Help prevent formjacking with automated vulnerability scanners and intrusion detectors on your website
  • Protect online payments with geographic IP location checks
  • Make sure you’re compliant with Strong Customer Authentication by updating your Payment Service Provider platform. Read our guide to find out how.

Email threats and spear phishing:

  • Don’t just rely on spam filters and traditional blacklists
  • Set up internal policies and encourage staff to report attacks
  • Use multi-factor and DMARC (Domain-based Message Authentication, Reporting & Conformance) authentication for extra protection.

Supply chain attacks:

  • Ensure you have full visibility over your supply chain
  • Know how many providers you have and what type of software you’re using
  • Confirm security requirements and responsibilities with suppliers
  • Check for third-party attacks by implementing monitoring systems and intrusion detectors.

Cloud databases:

  • Create offline back-ups of all your data
  • Encrypt any information you store in the cloud
  • Use unique passwords with multi-factor authentication for each cloud account
  • Make sure all cloud accounts are securely configured
  • Block public access to any Amazon S3 buckets – if necessary, create special buckets for any data that needs to be publicly readable.


  • Regularly patch your software to keep improving your cyber security
  • Keep all your IT systems up to date with the latest versions of software and firmware.


  • Configure any staff accounts with the lowest level of access 
  • Keep permissions up to date when people leave by removing them from the system.

Further help

Get insights on how to defend your business in our video – Cybersecurity: A hacker's advice on protection from payment fraud

See more help online from the Cardnet Payment Security insights


  1. Symantec Internet Security Threat Report, Vol 24, Feb 2019
  2. Symantec Internet Security Threat Report, Vol 24, Feb 2019
  4. Symantec Internet Security Threat Report, Vol 24, Feb 2019
  5. Symantec Internet Security Threat Report, Vol 24, Feb 2019
  6. Kaspersky Security Bulletin: Threat Predictions for 2019
  7. Symantec Internet Security Threat Report, Vol 24, Feb 2019
  8. Symantec Internet Security Threat Report, Vol 24, Feb 2019
  9. Symantec Internet Security Threat Report, Vol 24, Feb 2019
  10. DCMS, Cyber Security Breaches Survey 2019
  11. DCMS, Cyber Security Breaches Survey 2019
Receive our Thought Leadership and Market Updates

Get our top insights to help your business by signing up to our Thought Leadership and Market Updates. From the latest retail trends to payment regulation, our experts will keep you up to speed. Please enter your email below if you would like to receive our Thought Leadership and Market Updates.

Your information will be held by Lloyds Bank plc trading as Cardnet, part of the Lloyds Banking Group. More information on the Group can be found at

Please scroll down in order to confirm acceptance of our Terms and Conditions