In the same way a card skimmer steals credentials at an ATM, gas pump or point-of-sale terminal, the Magecart malware hides beneath the surface of a website with a digital skimmer to obtain card and personal information.

Security researchers have raised alarms about the vulnerabilities of fax machines (yes, many banks are still using them) and printers. It is the kind of threat companies tend to overlook.

Citigroup was so impressed with a test drive of AI software it invested in its maker; the FBI's warning of a cyberattack targeting ATMs came to pass — expect more to come; debating whether state AGs can serve as de facto CFPBs; and more from this week's most-read stories.

A letter supposedly sent to U.K. bank customers warns that Barclays debit cards could explode. The letter then urges recipients to mail their cards, along with their PIN codes, to an address in Bangalore. But is this really happening?

BNY Mellon, JPMorgan and Bank of America are recruiting interns from Year Up, many of whom lack college degrees but are trained in high-demand fields such as cybersecurity and anti-money-laundering.

A heist in India appears to be the very thing U.S. law enforcement had foretold. But banks shouldn't let their guard down, because cybercrooks have raised raids on cash machines to an art form.

Account takeover (ATO) fraud currently drives the largest fraud losses at North American financial institutions within digital channels, according to a new report from Aite Group and Early Warning, the bank organization that operates the Zelle payment network brand. And according to data from RSA, phishing remains a vital part of this scam.

Our phones are rapidly becoming a massive single point of failure in our digital lives.

One community bank decided it can build closer relationships with business clients by hosting events to help them learn how to fortify their cyberdefenses.

Financial institutions are hoping to get ahead of the growing and seemingly insurmountable problem of payment card fraud not just by looking at who cyber-attackers are going after currently but who they are likely to defraud in the near future.