This week we saw that information security threats are still on the rise, and can appear in ways we don’t expect. New reports show that online fraud was on the rise in 2016 as retailers have continued to support EMV credit cards in their stores. A children’s toy raised further concerns about the security of IoT devices, while some interesting Android malware raised eyebrows.

ONLINE FRAUD ON THE RISE

New research from Forter and Merchant Risk Council reveals that (perhaps unsurprisingly) online fraud expanded by 8.9% in 2016.

And while no industry left 2016 completely unscathed, some suffered more than others; attacks against clothing apparel and food delivery companies increased significantly in 2016, with 69.9% and 49.8% rises respectively.

Researchers and retailers are quick to point to the spread of EMV (“chip”) payment cards, which feature a token-based chip that makes it more difficult to steal and duplicate card data, as the likely cause for the surge in online fraud.

The carding shops across the dark web that peddle stolen credit cards by the thousands, though, may be the sort of catalyst which makes e-commerce fraud surpass traditional forms of retail fraud.

By providing unfettered and anonymous access to others’ personal and financial information, fraudsters will no longer need to risk conning the cashier. These illicit markets enable scammers to open phony bank accounts, make calculated purchases, and collect their profits, all without leaving the comfort of home.

CUTE, CUDDLY, CONCERNING

A data breach impacting more than 800,000 customers of CloudPets, a toy company that makes a stuffed animal that sends voice messages from parents to children, raised concerns about hackers gaining unauthorized access to voice recordings. Although parent company Spiral Toys said that none of the recordings were stolen, hackers appeared to have accessed email addresses and hashed passwords.

ONE MORE THING: CONFUSED HACKERS

Researchers recently discovered 132 mobile apps in the Google Play store that intended to infect unsuspecting users with Windows malware. Yes, you read that correctly. Needless to say, the malware did not work. If anyone’s keeping a list of funny malware fails, add this to it, though it was most likely the result of app developers using previously-infected machines, which infected the files without their knowledge as they built and distributed their apps.