Formjacking - the New Invisible Threat in Cyberspace

When millions of people go gift hunting online, the trap snaps shut. We are talking about the new invisible threat on the Internet: formjacking, also known as e-skimming. Here, hackers use hijacked payment forms in online shops to capture credit card and bank details. The unsuspecting customer and the company concerned don't notice anything at first - everything goes as usual. The buyer receives their product and the company receives the payment, but in the background cybercriminals access the secret payment information. Only when you look at the account later does the rude awakening come: Strangers have shopped extensively at the cardholder's expense.




BKA and FBI warn

In the new federal management report on cybercrime, the BKA confirms that there was a particularly sharp increase in formjacking cases during the Christmas business year. The FBI also recently issued a warning as part of the US Cyber Security Month 2020, particularly to small and medium-sized companies that offer online credit card payment. These often have less sophisticated defense mechanisms and are therefore particularly susceptible to attacks. Placed malware would also remain undetected on their systems for longer.


But larger companies are also increasingly being targeted. One of the most spectacular cases occurred in September 2018 when British Airways lost over 380,000 customer credit card details due to an infected booking site. This attack is likely to have earned the hackers several million US dollars. British Airways, on the other hand, not only suffered an immense loss of trust but also faces a possible fine of 230 million US dollars because of inadequate security measures - the largest amount so far since the GDPR came into force.


How does formjacking work?

The term formjacking is made up of "online form" and "hijacking" and describes the digital variant of the well-known skimming, in which fraudsters fit the card slot of ATMs with their own card reader. At the same time, the PIN is spied out with small cameras. The bank card can then be duplicated with the collected data.


A formjacking attack in cyberspace is very similar. In the two-stage attack, a sales page on the Internet is first targeted to place malicious code - mostly small, disguised JavaScripts - on the page. According to the FBI, hackers often achieve this through phishing and malicious emails to employees or via vulnerable third-party providers whose applications have access to a company's server landscape. Once the malicious code has been successfully planted, credit card data can be recorded in real time as soon as the customer enters it on the shop website.


With the valuable information, the cybercriminals either go on a shopping tour themselves or sell it on the darknet. According to a study by the American credit bureau Experian, a credit card number with a security code can be bought for around US $5 over the digital counter. Login data from payment service providers such as PayPal even fetch around 20 US dollars.


Who is behind the attacks?

Formjacking is one of the so-called man-in-the-middle attacks in which attackers use malware to position themselves unnoticed between communication partners. But who are the strangers? In most cases, the attacks cannot be attributed, but the name Magecart appears again and again in connection with the incidents, including in the British Airways case described at the beginning. It is an umbrella term that describes the activities of at least seven groups of hackers who use similar malware in similarly orchestrated attacks. The Magecart groups do not limit their hacks to a specific online shop platform. Also, some of the cybercriminals have been observed to specialize in third-party services such as live chat widgets.


How can you protect yourself?

The customer can't detect and prevent formjacking when shopping online because the infected pages look unchanged. It is therefore advisable to limit purchases to large shops that, in contrast to small e-commerce websites, are equipped with more extensive security systems. Credit cards should also have a second level of defense in the form of the 3D Secure process. Then, for example, no transaction is possible without a TAN code that is sent to the smartphone.


The actual responsibility to prevent e-skimming attacks lies with the company. They must keep their security systems up to date. The entry points for malware, for example in the form of malicious emails, need to be kept closed with extensive protective measures.
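One check a shop operator can run against its own checkout page, shown here as an added example that is not part of the original article: list every script on the page and compare it with an approved baseline, so that a newly placed script or an unpinned third-party widget stands out. The host names, the sample page, and the policy that third-party scripts must carry an `integrity` attribute are assumptions made for this example.

```python
import hashlib
from html.parser import HTMLParser
from urllib.parse import urlparse

class ScriptInventory(HTMLParser):  # collects external srcs and inline bodies
    def __init__(self):
        super().__init__()
        self.external, self.inline, self._buf = [], [], None
    def handle_starttag(self, tag, attrs):
        if tag == "script":
            a = dict(attrs)
            if a.get("src"):
                self.external.append((a["src"], "integrity" in a))
            else:
                self._buf = []          # start buffering an inline script
    def handle_data(self, data):
        if self._buf is not None:
            self._buf.append(data)
    def handle_endtag(self, tag):
        if tag == "script" and self._buf is not None:
            self.inline.append("".join(self._buf))
            self._buf = None

def audit_checkout(html, page_host, allowed_hosts, approved_inline):
    inv = ScriptInventory()
    inv.feed(html)
    inv.close()
    findings = []
    for src, has_sri in inv.external:
        host = urlparse(src).hostname or page_host   # relative URL: own host
        if host not in allowed_hosts:
            findings.append(("unapproved-host", src))
        elif host != page_host and not has_sri:      # assumed policy: pin third parties
            findings.append(("third-party-without-integrity", src))
    for body in inv.inline:
        digest = hashlib.sha256(body.strip().encode()).hexdigest()
        if digest not in approved_inline:            # inline code not in the baseline
            findings.append(("unapproved-inline", digest[:12]))
    return findings

# Constructed sample page and baseline (all hosts and scripts are made up).
SAMPLE = """<form id="pay"><input name="card"></form>
<script src="/js/checkout.js"></script>
<script src="https://widgets.chat.example/w.js"></script>
<script src="https://cdn.unknown.example/a.js"></script>
<script>initCheckout();</script>
<script>/* constructed stand-in for injected code */</script>"""
ALLOWED = {"shop.example", "widgets.chat.example"}
APPROVED = {hashlib.sha256(b"initCheckout();").hexdigest()}
```

Calling `audit_checkout(SAMPLE, "shop.example", ALLOWED, APPROVED)` returns three findings for the sample page; run on a schedule against the live page, any finding outside a planned release is worth investigating.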


Although the focus of formjacking is currently on the theft of credit card data, in principle any type of data that is recorded using online forms can be accessed with the method. The expansion of the scam is therefore more than likely.
