Formjacking is the latest tool of the online fraudsters to steal sensitive card payment details from the vendors. Read on to know more about the latest hacking tool of the fraudsters…
In the ever growing cyber world, hackers have their own tools for online theft of money and sensitive information. Online fraudsters and malicious hackers are getting sophisticated and every year as they figure out a new way to siphon off millions of money from businesses and consumers. Given the latest cybersecurity threats, it’s no wonder that security tops the priority for most of the enterprises’ to-do lists.
Cybersecurity software and services firm Symantec recently released its 2019 Internet Security Threat Report, which lists the types of threats encountered on the internet in the past year. The online fraudsters and malicious hackers, however, have already found an alternative method last year. Formjacking emerged as the greatest threat to ecommerce sites in 2018. According to the report, Formjacking is the “new get rich quick scheme for cyber criminals”.
The report states that “Formjacking attacks are simple – essentially virtual ATM skimming – where cyber criminals inject malicious code into retailers’ websites to steal shoppers’ payment card details,” The report further states that “Symantec data shows that 4,818 unique websites were compromised with formjacking code every month in 2018. With data from a single credit card being sold for up to $45 on underground markets, just 10 credit cards stolen from compromised websites could result in a yield of up to $2.2 million for cyber criminals each month,”
According to Symantec, it blocked more than 3.7 million formjacking attacks on endpoints in 2018, with nearly a third of all detections occurring during the busiest online shopping period of the year – November and December.
Sometimes just 10 credit cards stolen on compromised websites could yield up to $2.2 million for cyber criminals each month, the report said. While compromises on British Airways and Ticketmaster were widely reported, Symantec found from its telemetry data that small and medium-sized retailers – selling goods ranging from clothing to gardening equipment to medical supplies – were often injected with formjacking codes. “This is a global problem with the potential to affect any business that accepts payments from customers online,” the report added.
The following are some of the other key highlights from the report
Cryptojacking is declining. Cryptojacking – a form of attack where cyber criminals run coinminers on victims’ devices without their knowledge and use the CPU power to mine cryptocurrencies – fell by 52 percent between January and December 2018 as cryptocurrency values fell by 90 percent in the same period.
Worms and bots are being used in IoT attacks. Routers and connected cameras were the most infected devices, accounting for 75 percent and 15 percent of the attacks, respectively. A new breed of threats emerged in the form of infection vector in IoT in 2018. India did not figure in the top 10 source countries for IoT attacks.
Malware is on the rise and ransomware worries enterprises. The use of malicious PowerScripts increased by 1,000 percent in 2018, according to Symantec data. Ransomware continued to be a threat for organisations, as ransomware infections of enterprises increased by 12 percent whereas overall ransomware infections fell by 20 percent. India was on the second spot, accounting for 14.3 percent of total ransomware attacks behind China (16.9 percent).