The latest report from the European Payments Council provides an overview of the most important threats in the payments market, as well as various types of fraud. 

Threats covered include social engineering and phishing, malware, Advanced Persistent Threats (APTs), mobile device related attacks, Distributed Denial of Service (DDoS) attacks, botnets and threats related to cloud services, big data, Internet of Things (IoT) and virtual currencies.

Each type of threat is described, the impact and context is analysed and controls and mitigations are suggested (summarised in a matrix in Annex II).

Fraud is analysed in terms of payment methods - cards, ATMs, credit transfers, direct debit - as well as helpful explanations of how ill-gotten gains are laundered through 'mule' schemes.