The method that hackers mostly use to steal credit card data is known as formjacking. Basically, formjacking is a process in which hackers inject malicious Javascript codes into the checkout web pages of various shopping sites.
Here’s How Hackers Steal Your Credit/Debit Card Details!
Well, now that we are heading towards the festive month of Diwali, hackers are going to try their luck to trap innocent victims. As we all know that Diwali is just around the corner, and you are likely to do lots of online shopping soon. However, be careful though, because it looks like hackers are now targeting check out pages on the website to steal credit card data.
The method that hackers mostly use to steal credit card data is known as formjacking. Basically, formjacking is a process in which hackers inject malicious Javascript codes into the checkout web pages of various shopping sites. So, when any user enters the credit or debit card details to complete the purchase, the information immediately passes through the hands of hackers.
The hacking attempt is easy to implement, and any hacker who have enough technical knowledge can perform the Formjacking attempt. Not only that, the security firm, Norton claimed that they had blocked as much as 248,000 instances of formjacking since mid-August. The numbers are quite high compared to all other years.
Not only that, but Norton also claims that the drastic increase in Formjacking attempt is worrisome. The cybersecurity company also claimed that this year the formjacking attempts have been on a larger scale and more sophisticated than before.
So, how do Formjacking works?
Formjacking is one of the most used hacking techniques used by hackers. Suppose you are purchasing a product from Amazon and decided to pay for the purchase with your credit card. On the final page of payment, where you need to enter the Credit card details, the malicious JavaScript injected kicks in and it collects all the data that you have entered and send it to the attacker’s server.
After getting the Credit card details, the attacker can use that details to pay for whatever they want. They can even choose to sell that information on the dark web.
What makes the attack scarier?
This year we have seen a formjacking campaign which is kicked by a group called Magecraft. The attack targeted Ticketmaster, British Airways, Feedify, and Newegg. These are not small companies, they’re all well-established and popular e-commerce portals.
So, what does that means? This simply means that the attack might go unnoticed. No shopping site is safe. The worst thing is you can’t do much to safeguard yourself from this attack. So, its all on the shoulders of whichever site you shop from. However, if you want to be on the safe side, opt for the Cash-on-Delivery mode.
So, what’s your opinion on this? Share your views in the comment box below.