Threat actors actively target e-commerce stores to steal financial data as consumers flock to online shops for yearly deals.
Fraudsters capitalize on the uptick in online shopping. Web threats, such as payment card skimming attacks against e-commerce stores, become much more prevalent this time of year.
Zscaler ThreatLabz has observed an uptick in such threats against Magento and Presta-based e-commerce stores. Magento and Presta are e-commerce platforms written in the PHP programming language.
Zscaler shared details of four groups behind skimming attacks with little to no documentation in the public domain so far.
"Most of the indicators related to these attacks have no detection by security vendors," the company said.
These threat actors primarily target retailers in the US, UK, Australia, and Canada. Most of the attacks have a shelf life of more than one month.
These codes are designed to capture credit card information once a customer enters their banking information into the infected site to make a purchase.
For e-commerce store owners, ZScaler advises ensuring they are running the latest version of e-commerce software. To confirm whether the store has already been infected or not, owners can scan their servers for unrecognized new files or modifications to existing files.
"We advise the users to pay close attention to any unauthorized payments made using their payment card and get in touch immediately with their respective payment card or banking authorities in case they notice unrecognized transactions," ZScaler said.
In addition to infecting legitimate online stores, criminals also set up their own fake shops to lure users into spending money directly there.
More from Cybernews:
Subscribe to our newsletter