Formjacking: What it is, and how to protect yourself

You’ve probably heard of bank card cloning as a means of stealing money. In these kinds of attacks, hackers use a device called a skimmer. Once installed on a vending machine or on a payment terminal, the skimmer memorizes the information from the magnetic strip and the PIN of the card when it is entered. One of the latest findings of cybercriminals is formjacking, which is based on a technique similar to skimming, but applied online. Given the dramatic rise in online payments over the past year, this technique primarily targets e-commerce sites and puts the data of people who shop online at risk.

What is formjacking?

Formjacking is the term coined to indicate a new form of attack to retrieve customer banking information directly from online shopping sites. This procedure involves stealthily inserting malicious JavaScript code directly into website shopping carts, allowing hackers to intercept credit card data without arousing suspicion.

How does a formjacking attack work?

The theft takes place when customers enter credit card details into the online payment forms to complete a purchase: when they click on “Send”, the malicious code intercepts all the data and sends it to a server. Among the data stolen is typically the card number, the cardholder’s name, its expiration date, as well as other information commonly used when shopping online. The stolen information can then be sold to other criminals on the dark web, for credit card fraud, or to withdraw money from the spoofed accounts. It should be noted that the purchase will be completed normally and that the customer will receive the products he has purchased.

Formjacking consists in redirecting customers to a fraudulent page, which is  a carbon copy of a traditional online payment platform to steal the banking data provided on  e-commerce sites.

Who are the most vulnerable to formjacking attacks?

Online shoppers are of course among the victims of formjacking, as are people making payments over the internet. Cyber ​​security experts report that anyone can be a victim. Over the past few years, this technique has harmed many websites. The most outrageous attack that resulted in the theft of bank details of 380,000 customers was probably the one suffered by the airline website British Airways. To combat this phenomenon, major platforms have adopted effective countermeasures or protocols that, if necessary, allow security issues to be resolved quickly. However, the same is not true for small and medium-sized businesses: their sites often lack adequate protection and become the preferred target for formjacking attacks.

How to detect and protect yourself from formjacking attacks?

It is often difficult to detect formjacking, but adopting certain measures will help unmask it as quickly as possible and minimize risk:

• Use online banking apps: Check your bank statements to make sure no unusual withdrawals have been made. Questionable transactions can reveal compromised banking data. Activate push notifications informing you in real time about the operations carried out with your bank card.
• Enable 2-Factor Authentication: Create strong and complex passwords to protect all your accounts. If possible, configure 2-factor authentication, as this may be enough to protect you from a formjacking attack.
• Install powerful software to secure your devices: Avira Free Security protects your sensitive data, such as credit card details, against fake and malicious websites.