Formjacking is a new invisible threat in cyberspace today. The term “Formjacking” is a combination of “online/website form” and “hijacking”. This term brings about the digital version of the well-known skimming by cybercriminals.
How does this occur?
There are many formjacking vectors that cybercriminals will use to launch attacks to get access to any information that they want, as noted below;
- Fraudsters prepare card slots at ATMs with their own card reader. The pin code is spied out simultaneously with small cameras. The bank card can be duplicated with the collected data.
Another menace may happen when the criminals use this data for identity theft or payment card fraud.
Summit’s 2018 project frontline that brings about Cyberspace Security Report, shows that 92% of credential gathering and data exfiltration was achieved from different websites and online forums.
Download and read Project frontline Here.
Notable Examples of Formjacking Attacks that have been successful include British Airways and Ticketmaster attacks that were believed to be perpetrated by Magecart. The British Airways attack resulted in more than 380,000 credit cards being stolen at an estimated loss of $17 million. This is in addition to the record £183 million fine that was levied against the company due to its lack of General Data Protection Regulation (GDPR) compliance. GDPR allows fines of up to 4% of a company’s annual turnover for noncompliance.
Who’s behind the attacks?
Formjacking belongs to man-in-the-middle attacks, in which attackers position themselves unnoticed between the communication partners using malware. But who are the unknowns? Known to be active since 2015, “Magecart” refers to at least seven different hacking groups and has become a household name in recent years as these groups were responsible for the well-known cyberattacks on large companies including British Airways, Ticketmaster, and Newegg.
Magecart attackers are best known for hacking into Magento shopping cart pages, but they are not limited to just payment card data. Formjacking has been discovered on all types of pages and sites: healthcare sites, login pages, etc.
How can you protect yourself?
- Online users may fail to detect and prevent formjacking during online shopping because the infected pages look unchanged. It is therefore advisable to restrict purchases to large shops which, in contrast to small e-commerce websites, are equipped with more extensive security systems.
- Credit cards should also have a second level of defence in the form of 3D Secure in credit card systems. For example, no transaction is possible without a Transaction authentication number (TAN) code sent to user’s smartphone.
- The responsibility for protecting user’s data against e-skimming attacks lies back to the companies. It is imperative that the company keeps their security systems up to date. This is to focus on keeping entry gates for malware into the system, closed with extensive protective measures.
- Running vulnerability scanning and penetration testing to identify loopholes or weaknesses in your cyber security defences.
- Monitoring outbound traffic on your site to be aware of any traffic from your site to another location.