You may have heard of payment cards being cloned to steal money. These attacks involve hackers using a malicious device known as a skimmer. Once fitted on a vending machine or payment terminal, the tool records data from the card’s magnetic strip and memorises the PIN as it is keyed in.

Now, cybercriminals are using a similar technique while operating online. Following the dramatic spike in online payments since last year, attackers are not short of targets. Read on for details on the technique of formjacking and how it puts the private data of individuals and enterprises alike at risk when they use company credit cards to buy services and products online.

What exactly is formjacking?

The term formjacking was coined to describe a prevalent attack type designed to acquire customer banking data directly from ecommerce platforms online. This process involves the stealthy insertion of malicious JavaScript-type code directly into site shopping carts, enabling hackers to intercept card data without raising an alert.

How does formjacking work?

At its root, formjacking works by redirecting customers, sending them to a fake page (which looks exactly like a traditional payment platform online) to steal their banking data. The data theft occurs when customers input payment card details into online forms to finalise a purchase. At the point at which they click “Send”, the harmful code intercepts the data and transmits it to a C2-type server.

Among the personally identifiable information (PII) stolen is usually the card number, expiration date, the cardholder’s name and other details associated with online purchases. The stolen data is then either sold to other cybercriminals on dark web forums, for use in schemes involving credit card fraud, or to make withdrawals of money from spoofed accounts. It’s worth noting that the authentic purchase is completed to avoid suspicion, to the extent that the customer will even receive any products they have purchased.

Who is at risk of formjacking?

Online buyers are among the most common victims of this type of attack, as are company employees making payments via the internet. Cybersecurity experts report, however, that anyone can potentially be a victim. In recent years, this form of attack has harmed multiple websites and damaged the reputation of the companies that operate them.

Perhaps the most high-profile attack on record is one that involved the theft of 380,000 customers’ banking details when the website belonging to British Airways was hit. To battle this cybercriminal technique, many major platforms have now adopted security protocols and countermeasures that allow issues and incidents to be rapidly resolved. However, for numerous small to medium-sized businesses, this is not the case, and their dedicated websites typically lack sufficient protection. This makes them ripe targets for formjackers looking for fresh victims.

Cybersecurity measures you can count on

Galaxkey offers enterprises of all sizes a wide range of innovative tools designed to make online interactions and private data easier to secure. Contact our team today to explore a wealth of options, from electronic signatures to cutting-edge encryption, with a free trial.