The US Federal Bureau of Investigation (FBI) detected Magecart attacks, also named e-skimming or web skimming attacks. Public and private enterprises in the United States face Magecart attacks.
The system is: Access, hide and collect!
According to the FBI, since its inception in 2016, Magecart attacks have been augmented in the last 2 years by using various methods. Hackers hide malicious code aimed to collect the payment card information of users while shopping in the company’s online store by illegally accessing and changing it.
So, this type of attack has 3 simple phases. Providing access to a company’s online store, hiding malicious code on it, collecting payment card information of users while shopping via the placed code. They can be a threat to public and private companies and to end-users.
Targets are SMBs and government agencies
According to the FBI’s statement, “This warning is specifically targeted to small and medium-sized businesses and government agencies that take credit card payments online. E-skimming occurs when cybercriminals inject malicious code onto a website. The bad actor may have gained access via a phishing attack targeting your employees—or through a vulnerable third-party vendor attached to your company’s server.”
FBI suggests updating and patching all systems with the latest security software; changing default login credentials on a regular basis; and educating employees about good practices on cybersecurity safety. So, the first goal must be to prevent these attacks before the hackers gain access to sites.
For the end-user, it is necessary to use an antivirus product and to update it periodically. Secondly, they should use virtual card services while doing online shopping. After injecting malicious code into one site, they may spread to thousands of other sites like Picreel, Alpaca Forms, AppLixir, and eGain.