FIN6 is a financially motivated threat actor group in operation since at least 2015. Based on Visa Payment Fraud Disruption’s (PFD) analysis of eCommerce compromises throughout 2018, FIN6’s focus on the card-not-present (CNP) environment has only amplified, suggesting that the cybercrime group has fully incorporated targeting CNP environments into their criminal methodology. PFD assesses that the increased focus of a sophisticated cybercrime group, such as FIN6, on eCommerce environments is a broader representation of the overall cybercriminal focus on the CNP space.

Article 36000172128