More than 4,800 websites were compromised each month by the emerging cybersecurity threat known as formjacking.
That’s according to Symantec’s latest update to its Internet Security Threat Report.
Formjacking in itself isn’t a new strategy to steal sensitive data, but its prevalence has increased.
In fact, formjacking incidents grew every month in the latter half of 2018.
Remember ATM skimmers? The devices scammers placed on ATMs that looked like they were part of the machine? They were designed to let scammers read your credit card details so they could use them for their own benefit.
Formjacking is the digital version of that.
Symantec explains that formjacking is “the use of malicious JavaScript code to steal credit card details and other information from payment forms on the checkout web pages of eCommerce sites.”
In 2018, Symantec blocked 3.7 million formjacking attacks.
Formjacking’s growth is thought to be the result of the decline in the value of cryptocurrencies.
“The value of stolen credit card details on the cyber underground is probably more assured than the value of cryptocurrencies in the current climate,” says Symantec.
After all, data from a stolen credit card can fetch up to $45 on the dark web.
The authors of the report say that “just 10 credit cards stolen from compromised websites could result in a yield of up to $2.2 million for cybercriminals each month.”
One of the best-known examples of formjacking is the work of the hacker group known as Magecart, which has stolen credit card data in attacks on around 800 websites, including British Airways, Newegg, Kitronik, and Vision Direct.
Its most high-profile attack may have been on Ticketmaster, in which the group “compromised a third-party chatbot, which loaded malicious code into the web browsers of visitors to Ticketmaster’s website, with the aim of harvesting customers’ payment data.”
Despite the headline-grabbing nature of the Magecart attacks, Symantec found that small- and medium-sized businesses are the majority of companies affected by formjacking.
“This is a global problem with the potential to affect any business that accepts payments from customers online,” they say.
As seen in the Ticketmaster case, online retailers and e-commerce sites should be especially critical of the security practices of chatbots and customer review widgets. Symantec found that attackers compromised those third-party services most often.
Plus, the software company advocates for testing new updates in test or sandbox environments, as well as monitoring system behavior.
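One way to monitor third-party widgets on a checkout page, as an added example that is not from Symantec's report or the original article: it lists every external script the page loads and flags any that was never reviewed or whose content no longer matches the reviewed copy. The hostnames, script bodies, baseline format and function names are assumptions made for illustration.

```python
import hashlib
from html.parser import HTMLParser
from urllib.parse import urlparse


class ScriptCollector(HTMLParser):
    """Collects the src attribute of every external <script> tag."""

    def __init__(self):
        super().__init__()
        self.sources = []

    def handle_starttag(self, tag, attrs):
        src = dict(attrs).get("src")
        if tag == "script" and src:
            self.sources.append(src)


def audit_scripts(html, site_host, baseline, bodies):
    """Flag third-party scripts that were never reviewed or differ from review.

    baseline: URL -> SHA-256 of the reviewed script; bodies: URL -> current bytes.
    """
    collector = ScriptCollector()
    collector.feed(html)
    findings = {}
    for src in collector.sources:
        host = urlparse(src).hostname
        if host is None or host == site_host:
            continue  # relative or same-host script: treated as first party
        if src not in baseline:
            findings[src] = "unreviewed"
        elif hashlib.sha256(bodies[src]).hexdigest() != baseline[src]:
            findings[src] = "changed"
    return findings


# Constructed sample data: hostnames, paths and script bodies are hypothetical.
CHECKOUT_HTML = """
<form id="payment"><input name="card-number"></form>
<script src="/js/checkout.js"></script>
<script src="https://chat.vendor.example/widget.js"></script>
<script src="https://reviews.vendor.example/embed.js"></script>
"""
CHAT = "https://chat.vendor.example/widget.js"
REVIEWS = "https://reviews.vendor.example/embed.js"
BASELINE = {CHAT: hashlib.sha256(b"openChat();").hexdigest()}
BODIES = {CHAT: b"openChat(); /* altered */", REVIEWS: b"showReviews();"}

if __name__ == "__main__":
    print(audit_scripts(CHECKOUT_HTML, "shop.example", BASELINE, BODIES))
```

In a real deployment the `bodies` mapping would be filled by fetching each script on a schedule, and a "changed" finding would trigger a review of the vendor's update before it keeps running on the payment page.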
Don’t let formjackers steal your data. Put these protections in place for your website if you accept online payments.