With Diwali just around the corner, you¡¯re likely going to be doing a lot of online shopping soon. Be careful though, because it seems there¡¯s been an uptick of hackers targeting checkout pages on websites to steal credit card data. Here¡¯s what you need to know.
The method being used is something called formjacking. This is when hackers inject malicious JavaScript code into the checkout links of shopping portals. That way, when you enter in your credit or debit card details to buy, the information first passes through their hands.?
There have been quite a few publicly reported cases in just this year so far, chief among them being those targeting Ticketmaster, British Airways, Feedify, and Newegg. All of these were carried out by a single group called Magecart.?
Symantec, the cybersecurity company behind Norton, say they¡¯ve blocked 248,000 instances of formjacking since just mid-August. It¡¯s not really a new technique to steal user data, but they say the drastic increase in its frequency of use this year is worrisome, especially since the attempts have been on a larger scale and more sophisticated than before.
Suppose you¡¯re on Flipkart, or Amazon, and decide to pay for a purchase with your credit card. You fill in all the details like your card number, code, name, and address. As soon as you hit ¡®Submit¡¯, the malicious JavaScript injected kicks in, siphoning off all that data you¡¯ve entered and copying it to the attacker¡¯s server. He or she can then use that information to pay for whatever the hell they feel like, or might even just turn around and sell it on the dark web.
As it turns out, the majority (if not all) of this year¡¯s formjackings are likely a single sustained campaign. They¡¯ve also gotten more frequent in the September 13 to 20 week. Specifically, 36 percent of the almost quarter of a million blocked attempts occurred in that week. For the rest of us, that probably means the frequency of these instances will continue to grow.
Ticketmaster, British Airways, Newegg, none of these are small companies either, they¡¯re all established e-commerce portals. No shopping site is safe really, if Magecart or its ilk can find an avenue of attack that lets them change the website¡¯s code.
Sorry guys, but there¡¯s nothing you can really do here to safeguard yourself, that¡¯s all on the shoulders of whichever site you shop from. At the most, maybe stick to cash-on-delivery for a while?