A new credit card skimmer has been identified, able to swipe data from credit cards via BigCommere, Shopify, Zencart and Woocommerce outlets. With all of these being very successful e-commerce platforms, there's a lot to worry about.
First of all, what is a skimmer? Well, for our less tech-savvy readers, a skimmer is defined as any malware that obtains user data via their credit cards (essentially "skimming" off information). These are usually hidden within the form of credit card or ATM machines. Although, with the world rapidly attenuating to online transactions, skimmers are changing shape as well. A rather infamous example of online skimming comes in the form of Magecart, an unorganised cybercrime unit that extracts credit card information using fake online forms.
While that's all well and good, how are the above-mentioned sites affected? Well, as reported by Sansec, a Dutch-based cyber-security firm, it does so by producing a fake page. Where one is usually redirected to enter their card details by the original website, now they can encounter a fake build of the same page. After details have been entered and submitted, the Magecart page (in some cases, at least) will play an error warning, asking users to resubmit the information. Following which, they are redirected to the actual webpage, and successfully complete the transaction, none the wiser.
Is that all-too alarming? Well, yes. Especially considering the fact that most skimmers are limited to either a singular physical utility or online platform. This particular malware's ability to infiltrate not two, but four highly successful platforms spells trouble.
The proponents of such activities are also rather difficult to nail down. This information is usually redirected to randomly generated website domains, with names securer than most passwords, for extraction. Evidence of such domain names was first spotted in the August of this year. With it having been 4 months since, who knows what sort of damage such criminals have done? Between the hackers and organizations such as the NSA, this author might just forfeit to wearing tinfoil hats for added security.
So, what are some security measures one can take against skimming? Well, awareness is always the first step. When it comes to physical credit card machines, its always best to quietly observe them for signs of tampering and bruising. The most common locale for such espionage also happens to be places like highway fast stations and other such lonesome areas, so get your shopping done before travelling.
And while there's not much one can do against Magecart attacks, all hoax pages are not designed the same. Check for spelling errors, refresh the page, maybe enter inaccurate information first if paranoia's setting in too deep. But more than all else, stay aware of news regarding online malware attacks, and spread the news onwards.
Source: A cyberattack can spread 9x the rate of coronavirus and is more difficult to recover from the digital pandemic devastation than from COVID-19 pandemic
First of all, what is a skimmer? Well, for our less tech-savvy readers, a skimmer is defined as any malware that obtains user data via their credit cards (essentially "skimming" off information). These are usually hidden within the form of credit card or ATM machines. Although, with the world rapidly attenuating to online transactions, skimmers are changing shape as well. A rather infamous example of online skimming comes in the form of Magecart, an unorganised cybercrime unit that extracts credit card information using fake online forms.
While that's all well and good, how are the above-mentioned sites affected? Well, as reported by Sansec, a Dutch-based cyber-security firm, it does so by producing a fake page. Where one is usually redirected to enter their card details by the original website, now they can encounter a fake build of the same page. After details have been entered and submitted, the Magecart page (in some cases, at least) will play an error warning, asking users to resubmit the information. Following which, they are redirected to the actual webpage, and successfully complete the transaction, none the wiser.
Is that all-too alarming? Well, yes. Especially considering the fact that most skimmers are limited to either a singular physical utility or online platform. This particular malware's ability to infiltrate not two, but four highly successful platforms spells trouble.
The proponents of such activities are also rather difficult to nail down. This information is usually redirected to randomly generated website domains, with names securer than most passwords, for extraction. Evidence of such domain names was first spotted in the August of this year. With it having been 4 months since, who knows what sort of damage such criminals have done? Between the hackers and organizations such as the NSA, this author might just forfeit to wearing tinfoil hats for added security.
So, what are some security measures one can take against skimming? Well, awareness is always the first step. When it comes to physical credit card machines, its always best to quietly observe them for signs of tampering and bruising. The most common locale for such espionage also happens to be places like highway fast stations and other such lonesome areas, so get your shopping done before travelling.
And while there's not much one can do against Magecart attacks, all hoax pages are not designed the same. Check for spelling errors, refresh the page, maybe enter inaccurate information first if paranoia's setting in too deep. But more than all else, stay aware of news regarding online malware attacks, and spread the news onwards.
Source: A cyberattack can spread 9x the rate of coronavirus and is more difficult to recover from the digital pandemic devastation than from COVID-19 pandemic