If you sell your products online, you could be among the newest targets of cybercriminals.

Symantec’s annual Internet Security Threat Report said that in 2018 hackers turned to what’s known as “formjacking” to steal customer credit card details from the checkout pages of e-commerce sites.

As described by The Hill, the scam involves uploading a few simple lines of JavaScript code. When a customer attempts to make a purchase online, the malicious code gathers all their entered data — payment card details, username, contact info — and sends that information to the hackers’ servers, allowing them to commit fraud or even sell them on the dark web.

Cloud computing image

“Symantec notes that while major companies like Ticketmaster and British Airways fell victim to malicious formjacking code in recent months, medium-size retailers tend to be the most widely compromised,” The Hill reports.

Read more.

One response to “Cybercriminals Targeting E-commerce Sites for Credit Card Data”

  1. Jim says:

    This is why certain shopping carts do not allow modifications to the payment page, or using PayPal that loads a new window is usually a good idea. In addition, there are services under PCI compliance that require a web site to have security checks trying to find vulnerabilities and improper code on storefronts.

    One should never store credit card data nor credit card security codes in online stores nor in any server or system.