How to protect your online store from skimming


The ingenuity of cybercriminals seems to know no bounds. With Trojans, worms and other types of malware, they try to obtain sensitive personal data such as credit card information. For online stores, this can have serious consequences, ranging from high damage claims and GDPR fines to loss of reputation. This type of cybercrime is also known as skimming. In this article, you will learn how these so-called skimmers proceed and what you as a store operator can do about it.


What is skimming?

Skimming is a form of credit card fraud. Criminals hide special devices on card readers in stores and ATMs to steal bank and credit card information. They use this data to make purchases online, clone the card for purchases in brick-and-mortar stores, or sell the information on marketplaces on the Deep Web or Darknet. Those affected usually only find out about it when they notice unknown debits on their bank statement. This type of fraud has been on the decline in Germany for years, mainly due to improved technology.

Skimming on websites – the new danger

With the rapid growth of e-commerce, credit card fraudsters have developed new schemes to illegally skim users’ data when they make online payments. For digital skimming, hackers develop malware that exploits security holes in a website’s code. To do this, they use malicious JavaScript code that grabs user input in sensitive forms. This is why digital skimming is also known by the English terms “JS sniffing” and “JS stealer”.

Once the malware is on the website of an online store, the malicious code is loaded together with the regular code in the user’s browser. Now, when the user enters sensitive data in forms provided by the online retailer, the skimmer intercepts it and forwards it to the cybercriminals, who then use it themselves or sell it on the darknet.


The most common reasons for security breaches

Online stores are very complex websites with thousands of products, images and data, which in turn means thousands of lines of code. Operators also use a variety of open-source software or third-party add-ons with numerous JavaScript libraries, as well as code from external providers such as Facebook and Google. Among other things, these tools simplify website development and boost performance.

If cybercriminals manage to exploit security holes in one of these add-ons and install their malware there, the malicious code is delivered to website visitors without having to attack the online store’s servers.

Increased skimming attacks since the coronavirus pandemic

The coronavirus pandemic has changed the world. This has also been felt by e-commerce in Germany, which has seen high growth rates since the start of the pandemic. With many brick-and-mortar stores closed for weeks, more consumers shopped online. According to a 2020 Bitkom survey, groceries in particular were ordered more often from online supermarkets and online farm stores.

Cybercriminals have taken advantage of this trend and have become even more creative in programming malicious code. For example, a new skimmer script hides in trusted sources and mainly targets e-commerce platforms like Magento. Many merchants using this store system outsource their payment processes to third-party providers that collect payment details in so-called iFrames.

The cybercriminals’ new tactic is to use their specially developed iFrames to overlay fake payment fields on top of legitimate ones. This makes it even harder for users to spot fraudulent activity. In this regard, hackers mainly target small and medium-sized businesses that have fewer internal IT resources to adequately protect their websites. Here, it is even more important that you have an experienced hosting partner at your side to ensure the security of your online store.
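The two mechanisms described above, a compromised third-party script delivered to visitors and an unexpected iframe placed over the payment form, can both be checked for in the store's own HTML. The following Node.js script is an added example and is not code from the article or from Host Europe: it audits a page for script tags loaded from origins outside an allowlist or from third-party origins without a Subresource Integrity hash, and for iframe tags whose origin is not the expected payment provider. The allowlisted origins and the sample page are constructed placeholders, and the scanner is regex-based so it runs offline without a DOM library.

```javascript
// Added example (not from the article): audit a store page's HTML for scripts
// and iframes that do not come from where the operator expects them to.
// Allowlisted origins and the sample page are constructed placeholders.

const PAGE_ORIGIN = 'https://shop.example';
const ALLOWED_SCRIPT_ORIGINS = new Set([PAGE_ORIGIN, 'https://cdn.example']);
const ALLOWED_FRAME_ORIGINS = new Set(['https://pay.example']);

// Resolve a (possibly relative) URL against the page and return its origin.
function originOf(url, pageOrigin) {
  try {
    return new URL(url, pageOrigin).origin;
  } catch {
    return null;
  }
}

// Parse name="value" pairs out of the inside of an HTML start tag.
function parseAttrs(tagBody) {
  const attrs = {};
  const re = /([a-zA-Z-]+)\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))/g;
  let m;
  while ((m = re.exec(tagBody)) !== null) {
    attrs[m[1].toLowerCase()] = m[2] ?? m[3] ?? m[4];
  }
  return attrs;
}

// Return a list of findings; an empty list means every script and frame is
// from an allowed origin and third-party scripts carry an integrity hash.
function auditHtml(html, pageOrigin) {
  const findings = [];
  const scriptRe = /<script\b([^>]*)>([\s\S]*?)<\/script>/gi;
  let m;
  while ((m = scriptRe.exec(html)) !== null) {
    const attrs = parseAttrs(m[1]);
    if (attrs.src) {
      const origin = originOf(attrs.src, pageOrigin);
      if (!origin || !ALLOWED_SCRIPT_ORIGINS.has(origin)) {
        findings.push({ kind: 'script-origin', value: attrs.src });
      } else if (origin !== pageOrigin && !attrs.integrity) {
        // A third-party script without SRI can change without the operator noticing.
        findings.push({ kind: 'script-no-sri', value: attrs.src });
      }
    } else if (m[2].trim()) {
      // Inline scripts cannot be pinned with SRI; each one needs a known owner.
      findings.push({ kind: 'inline-script', value: m[2].trim().slice(0, 60) });
    }
  }
  const iframeRe = /<iframe\b([^>]*)>/gi;
  while ((m = iframeRe.exec(html)) !== null) {
    const attrs = parseAttrs(m[1]);
    const origin = attrs.src ? originOf(attrs.src, pageOrigin) : null;
    if (!origin || !ALLOWED_FRAME_ORIGINS.has(origin)) {
      findings.push({ kind: 'iframe-origin', value: attrs.src || '(no src)' });
    }
  }
  return findings;
}

// Constructed sample checkout page: three of the script tags and one of the
// frames should be flagged.
const SAMPLE_HTML = `
<html><body>
<script src="/assets/checkout.js"></script>
<script src="https://cdn.example/lib.js" integrity="sha384-PLACEHOLDER"></script>
<script src="https://cdn.example/analytics.js"></script>
<script>window.dataLayer = [];</script>
<script src="https://static.unlisted-host.example/widget.js"></script>
<iframe src="https://pay.example/card-form"></iframe>
<iframe src="https://unlisted-host.example/card-form" style="position:absolute"></iframe>
</body></html>`;

function auditSample() {
  return auditHtml(SAMPLE_HTML, PAGE_ORIGIN);
}

for (const f of auditSample()) {
  console.log(`${f.kind}: ${f.value}`);
}
```

Run against the sample, the audit reports the analytics script without an integrity hash, the inline script, the script from the unlisted host and the second iframe; the store's own script and the payment provider's frame pass. Running such a check against the live checkout page on a schedule, and comparing the result with the previous run, turns an unexpected script or frame into an alert rather than something a customer discovers on a bank statement.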

How you can protect yourself from attacks

With Host Europe’s Sucuri Website Security package, you can protect your online store from skimming attacks and malware threats. It includes a malware scanner that scans the website for malicious code and removes any malware. In addition, you can contact Host Europe’s IT security experts at any time and get fast help in case of a technical problem.

In addition, you can take further measures to protect your business and your customers’ sensitive data:

  • Only install web applications or CMS components from trusted sources.
  • Keep all your programs, tools and apps up to date at all times.
  • Use powerful virus scanners and firewalls.
  • Encrypt all data and keep encrypted data separate from the key.
  • Create complex and different passwords for the admin accounts of your store system, web hosting and external tools.
  • Limit user rights to the necessary minimum and keep track of all users who have access to your services.
  • Filter user input and query parameters to prevent third parties from injecting code.
  • Use payment gateways that are PCI DSS compliant.
  • Follow IT news to stay informed about new security vulnerabilities and implement the respective recommendations to fix them.
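One concrete control that addresses the third-party script and iframe risk described earlier, and which the list above does not name, is a Content-Security-Policy header: it tells the browser which origins may supply scripts, which may be framed, and, through connect-src and form-action, where the page is allowed to send data at all. The code below is an added example and is not from the article or from Host Europe. It builds such a header for a store and includes a simplified matcher to show which requests the policy would allow; all origins are placeholders, and the matcher handles only exact origins and 'self', not the full CSP source-expression grammar.

```javascript
// Added example (not from the article): a Content-Security-Policy for a store
// that pins where scripts and frames may load from and where the page may send
// data. All origins are placeholders.

function buildCsp({ scriptOrigins = [], frameOrigins = [], connectOrigins = [], reportUri } = {}) {
  const directives = [
    "default-src 'self'",
    // Only own and allowlisted scripts; no 'unsafe-inline', so injected inline
    // code is refused by the browser.
    `script-src 'self' ${scriptOrigins.join(' ')}`.trim(),
    // Only the payment provider may be framed; 'none' if there is no provider.
    `frame-src ${frameOrigins.length ? frameOrigins.join(' ') : "'none'"}`,
    // fetch/XHR/beacon targets: captured form fields cannot leave for an
    // unlisted host even if a script did manage to run.
    `connect-src 'self' ${connectOrigins.join(' ')}`.trim(),
    // Forms may only submit back to the store itself.
    "form-action 'self'",
    "object-src 'none'",
    "base-uri 'self'",
  ];
  if (reportUri) directives.push(`report-uri ${reportUri}`);
  return directives.join('; ');
}

// Simplified matcher: exact origins and 'self' only (real CSP also supports
// scheme and host wildcards, nonces and hashes). Missing directives fall back
// to default-src here, which is accurate for the fetch directives.
function cspAllows(csp, directive, url, pageOrigin) {
  const policy = new Map();
  for (const part of csp.split(';')) {
    const [name, ...sources] = part.trim().split(/\s+/);
    if (name) policy.set(name, sources);
  }
  const sources = policy.get(directive) ?? policy.get('default-src') ?? [];
  const origin = new URL(url, pageOrigin).origin;
  return sources.some((s) => s === origin || (s === "'self'" && origin === pageOrigin));
}

const STORE_ORIGIN = 'https://shop.example';
const STORE_CSP = buildCsp({
  scriptOrigins: ['https://cdn.example'],
  frameOrigins: ['https://pay.example'],
  connectOrigins: ['https://api.example'],
  reportUri: '/csp-report',
});

console.log(STORE_CSP);
```

In practice the header is set by the web server or the store framework rather than by application code, and it is safest to roll it out first as Content-Security-Policy-Report-Only with a report endpoint: the violation reports then show which legitimate scripts and frames still need to be allowlisted before the policy is enforced, and afterwards a report pointing at an unlisted host is itself a skimming indicator worth investigating.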