11.21.19

E-skimming attacks on the rise as peak online shopping season begins

With the holidays right around the corner, online shopping is poised for a record-breaking season in 2019. Emarketer predicts that consumers will spend over $135 billion this upcoming holiday season.

The e-commerce boom has precipitated a new cybersecurity threat known as e-skimming, which involves the theft of consumer payment information from online stores. If you’re thinking about going online instead of the mall this year, it’ll be helpful to understand how e-skimming works and how to protect yourself against it.

What is e-skimming?

E-skimming is the process of using malicious code to capture the sensitive credentials of a consumer, such as credit card information, from an online payment webpage.

Hackers accomplish this by gaining access to a company’s online store, which can be done by infiltrating the website’s infrastructure or infecting one of the site’s third-party vendors. Once they’re in, they hide the malware script somewhere inside the regular code so that it goes undetected. The script is specifically designed to intercept information that’s entered into payment forms.

If you’re a regular online shopper, you know what these payment forms look like. They have separate fields for individual credit card details (name, number, security code, expiration date). Though the user interface may look normal, malware scripts can be operating unnoticed in the background, tracking these fields and capturing the data you enter into them. After the information has been captured, it’s sent to a remote server that’s controlled by the hacker.
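For store owners, the mechanism above suggests a simple review step: list every script a payment page loads and look first at the ones that come from outside the store. The sketch below is an added example, not code from this article's author; the page, host names, approved-vendor list and the placeholder `integrity` value (the browser's Subresource Integrity attribute) are all constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Constructed sample of a checkout page; every host name here is made up.
SAMPLE_CHECKOUT_HTML = """
<html><head>
<script src="/static/js/checkout.js"></script>
<script src="https://cdn.payments.example/v3/fields.js"
        integrity="sha384-PLACEHOLDER" crossorigin="anonymous"></script>
<script src="https://analytics.vendor.example/tag.js"></script>
<script src="//static-cdn.example.net/jquery.min.js"></script>
</head><body><form id="payment"><input name="cc-number"></form></body></html>
"""
# Assumed list of third-party vendors the store has knowingly approved.
APPROVED_HOSTS = {"cdn.payments.example", "analytics.vendor.example"}

class ScriptInventory(HTMLParser):
    """Collects (src, integrity) for every external <script> tag."""
    def __init__(self):
        super().__init__()
        self.scripts = []

    def handle_starttag(self, tag, attrs):
        attributes = dict(attrs)
        if tag == "script" and attributes.get("src"):
            self.scripts.append((attributes["src"], attributes.get("integrity")))

def audit_scripts(html, page_url, approved_hosts):
    """Return (host, reason) pairs for scripts a reviewer should check first."""
    parser = ScriptInventory()
    parser.feed(html)
    page_host = urlparse(page_url).hostname
    findings = []
    for src, integrity in parser.scripts:
        # urljoin resolves relative and protocol-relative (//host/...) URLs.
        host = urlparse(urljoin(page_url, src)).hostname
        if host == page_host:
            continue  # first-party script served by the store itself
        if host not in approved_hosts:
            findings.append((host, "host not on approved vendor list"))
        elif not integrity:
            findings.append((host, "approved vendor, but no integrity hash"))
    return findings

if __name__ == "__main__":
    url = "https://shop.example/checkout"
    for host, reason in audit_scripts(SAMPLE_CHECKOUT_HTML, url, APPROVED_HOSTS):
        print(f"{host}: {reason}")
```

A script from an approved vendor that carries no integrity hash can change without the store noticing, which is why it is reported alongside unknown hosts.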

The history of Magecart

E-skimming attacks started happening back in 2015 with one cybercriminal organization. As the organization became more notorious, other cybercriminal groups started to adopt e-skimming tactics. This network of hackers became identified as Magecart.

They started targeting online stores with an automated scanner system that could identify web pages with vulnerable source code. In the beginning, the most vulnerable payment pages were found on stores built with Magento, an open source e-commerce platform that allows small companies to create online stores where they can sell their products.

Today, almost any online store can be targeted, even high profile companies with advanced cybersecurity. For example, the payment webpage for Forbes magazine’s subscription service was recently infected by Magecart, causing the credit card details of many unsuspecting subscribers to be stolen.

How to protect yourself from e-skimming

When it comes to preventing e-skimming attacks, most of the responsibility lies with e-commerce companies. They need to invest in advanced cybersecurity systems in order to protect their online stores from infections. As a consumer, though, there are still actions you can take to minimize the risk of having your payment information stolen.

You can start by purchasing a subscription to a “virtual card” service. These services will set you up with credit cards that become void after each transaction. Anytime you shop online, you’ll use a specific card with unique details for each individual purchase. So if the card’s information is stolen, it won’t affect you because the card will already be void.

Most importantly, stay away from any sites that are not well-known. Online stores for smaller companies won’t have security as tight as that of larger online retailers like Amazon, making them more likely to be infected by Magecart. If you do want to purchase something on a smaller scale website, be sure to check the URL first. Does it start with HTTPS or HTTP? Websites with URLs that start with HTTPS are encrypted, which means that any communication between your browser and the website will be private. Keep in mind that this encryption covers data in transit; it does not stop a skimming script that is already running on the payment page itself. Never enter your payment information into an HTTP website, as it can easily be tracked by hackers.

To learn more about e-skimming attacks, visit us at Total Defense today!