PCI DSS 4.0 Compliance Requires a New Approach to API Security
Security Boulevard, Thursday, March 27th, 2025
Retailers, Financial Services, and the API Security Wake-Up Call
With the PCI DSS 4.0 compliance deadline fast approaching, Cequence threat researchers have uncovered troubling data: 66.5% of malicious traffic is targeting retailers. And attackers aren't just after payment data. They're weaponizing APIs to exploit every stage of the digital buying process. The conclusions in this blog are sourced from Cequence's threat intelligence database, which is composed of real attack data from anonymized customer production environments, sampled from billions of transactions.
Cequence blocked over 300 million account takeover (ATO) attempts in the past year alone, and another 822 million attacks were aimed at scraping product prices to fuel scalping and undercutting tactics. These automated threats aren't just disruptive; they're designed to bypass traditional defenses and target exposed API endpoints.