This document discusses digital payment card skimming attacks. It provides context on a July 2019 incident where 17,000 domains were compromised due to misconfigured Amazon S3 buckets, allowing attackers to inject JavaScript card skimming code. The document outlines the anatomy of such attacks, including how attackers scan for vulnerable websites and insert malicious code to steal payment details. It also discusses the challenges in detecting these attacks and potential countermeasures around JavaScript controls, website hardening, and configuration settings.