This report provides an overview of the top payments ecosystem threats within the past six-month period (January – June 2024) as identified by Visa Payment Fraud Disruption (PFD). In the December 2023 Biannual Report, Visa PFD noted an interesting shift in threat actors’ organization, access to tools, and target choice, with threat actors increasing in their scope of abilities and sophistication given advances in technology. The past six- month period saw a continuation of these expanding trends in cross-sector collaboration and ingenuity, with a specific targeting two aspects of the ecosystem: 1) system misconfigurations and vulnerabilities and 2) cardholders. Threat actors continue to probe the payments ecosystem for vulnerabilities and were successful in conducting fraud schemes affecting multiple financial institutions, technologies, and processes. An example of this impact is the erroneous approval of fraudulent transactions. These transactions are approved due to a mishandling of the authorization process and are used to initiate Purchase Return Authorization (PRA) attacks. Visa PFD opened a record number of PRA investigations over the past six months, an 81% increase from the previous six-month period. Per successful attack, each of these fraud operations have resulted in potential losses of nearly US$184K for Visa’s issuing partners. Enumeration attacks remain a popular vector for threat actors to validate and compromise payment credentials, resulting in significant follow-on fraud. Over the past six months, the US region increased as the most heavily targeted region from the issuing side (58% of total issuer enumeration, increase of 16% from the same period in 2023), but decreased from the acquiring side (61% of total acquiring enumeration, decrease of 3% from the same period in 2023). From January through June 2024, Visa PFD continued to identify ransomware and data breach attacks that were opportunistic in exfiltrating data. Overall, Visa PFD observed a 12.3% decrease in the number of individual ransomware and data breach incidents tracked by the team as compared to the prior six-month period, within this figure, Visa PFD identified a continued trend of targeting of third-party service providers, as Visa PFD observed a 24% increase from the previous six-month period in third-party service provider cases. Digital skimming attacks remain prolific and consistent threats to the payments ecosystem. Over the past six months, the number of compromised websites detected by PFD remained relatively consistent.