What is Formjacking?
This is not a new form of cyber attack, but it has recently increased since the past year. It is form of JavaScript-code where cyber criminals hack and take control over the functionality of the site’s form page. This malicious JavaScript code is used to steal credit card details and payment form information on checkout web pages of online retailer websites.
The company Symantec, a security software company that owns Norton, since mid-August of last year has blocked almost a quarter of a million formjacking attacks. Recent reports of attacks have happened on company websites including Ticketmaster, British Airways, Newegg, and Feedify.
How does Formjacking work?
Let’s say you are online shopping for a new laptop. After comparing two brands, found exactly the style, size, storage, and other criteria you are ready to add it to your cart. You might even look at accessories for your new laptop. Once you are finished you click your check-out tab and pull out your credit card. You type in your billing information, name on card, card number, expiration date, zip code, and your CVV. You then click “submit”.
After clicking submit is where the problem happens. The malicious code is injected there by the cyber criminals and collects all the information that you inputted and sends it to the attacker’s server. These attackers can then take the information that they stole and use it to carry out payment card fraud, identity theft, or even sell your information on the dark web.
What can you do to protect yourself from these attacks?
Many victims may not realize that they are victims of formjacking as most if not all websites continue to function normally. Although having security software, such as Symantec or McAfee, in place that protect users from formjacking attacks is HIGHLY advised!
Consumers are not the only people to be aware of these attacks. Website owners should also be aware of the dangers of such software attacks as these are supply chain attacks that can infect the whole system. Some steps to mitigate these risks are:
-
- Test for new updates: even those that seem to be legitimate NEED to be tested to detect any suspicious behavior.
-
- Monitoring behavior: monitoring any and all activity on a system is crucial to prevent attacks or any unwanted visues. If one sees any suspicious patterns please REPORT to the right authorities and block any further access before any serious or even permanent damage can occur. Be diligent in observant on any strange changes or updates on one’s website.
If you’d like some help protecting yourself from these kinds of attacks, feel free to contact us to see how we can help.