skip to content

Department of Computer Science and Technology

Monday, 11 November, 2019 - 13:00 to 15:00
Graham Edgecombe
FW26, Computer Laboratory

Netcraft is running an interactive workshop where you can learn about JavaScript-based credit card skimming and put your new skills into practice. If you would like to attend, please "register for the event":

Each team is a seafood wholesaler entering the online market for the first time, having just bought a very vulnerable WooCommerce-based online shop from a cheap web design firm. However, it's a cut-throat industry, and a competitor has broken into your shop to install a JavaScript-based credit card skimmer.

Recognizing the opportunity to make a fortune, your challenge is to join in the fun and break into your competitors' sites to install credit card skimmers, while simultaneously defending your own shop from your peers.

The team that makes the most profit will be declared the winner.

JavaScript-based credit card skimming is becoming increasingly popular.
Criminals break into online shopping websites and insert small snippets of JavaScript that capture card numbers as they are typed in, sometimes receiving them before the legitimate site even processes the payment. Unlike traditional phishing websites, it is impossible for a user to spot the presence of a skimmer.

Netcraft discovered over 3,600 infections in July 2019 and is currently tracking over 6,000 infected sites. Notable examples include Puma, Misfit Watches, Uniqlo and a variety of Premier League football teams.

Last year, skimmers were discovered on British Airways' and Ticketmaster's websites, claiming an estimated 380,000 and 40,000 victims respectively. British Airways was subsequently fined £183 million for the breach.

To take part, bring your own laptop with a web browser and an SSH client (e.g.
Putty for Windows users; OpenSSH for Linux/Mac users).

Pizza and soft drinks will be provided at the event. To give an accurate idea of how many staff Netcraft should bring and how much pizza we should buy, "RSVP here":

Food provided
Computer Laboratory Tech Talks

Upcoming seminars