Credit card skimming in fashion as we dive into holiday shopping


More online activity during the festive season means more opportunities for cybercriminals to sour the mood of happy shoppers. A new report says that credit card skimming is on the rise.

“Online stores are not always as secure as you might think they are, and yet you need to hand over your valuable credit card information in order to buy anything,” Malwarebytes, a cybersecurity company, says.

This means that being careful where you shop might not be enough – if a merchant's website is hacked, any purchase can be intercepted by bad actors. The malicious code can be completely invisible to shoppers.

Malwarebytes says it detected one particular skimming campaign that had picked up pace “drastically” in October. Hundreds of stores have been compromised, the company says.

The so-called Kritec campaign was first discovered back in March, standing out from the rest due to its large volume. These threat actors also took the time to customize their skimmer for each victim site with convincing templates that were even localized in several languages.

“The experience was so smooth and seamless that it made it practically impossible for online shoppers to even realize that their credit card information had just been stolen,” says Malwarebytes.

The campaign slowed down during the summer but came back in October. Malwarebytes measured this activity based on the number of newly registered domain names attributed to the threat actor.

The infrastructure is located on the IT WEB LTD network (ASN200313) registered in the British Virgin Islands.

In short, be careful – especially if you do your online shopping via smaller merchants. Yes, unless you’re able to perform a full website audit yourself, you simply can’t be sure that the platform hasn’t been compromised, Malwarebytes says.

However, if the website looks like it hasn’t been maintained in a while – for instance, it is displaying outdated information such as “Copyright 2018” – you should probably stay away from it.

“Most compromises happen because a website’s content management system (CMS) and its plugins are outdated and vulnerable,” says Malwarebytes.

Late last year, threat actors also actively targeted e-commerce stores to steal data as consumers flocked to online shops for yearly Black Friday deals. Back then, new variants of skimming attacks relied on the heavy use of JavaScript obfuscation.


More from Cybernews:

Gamblers’ data compromised after casino giant fails to set password

Airbus patents device to halt satellite tumbling

LockBit ransom gang behind mass exploitation of Citrix bug, researchers say

Meta, Alphabet, ByteDance must face social media addiction lawsuits

Electric air taxi 'quietly' completes first test run in NYC

Subscribe to our newsletter



Leave a Reply

Your email address will not be published. Required fields are markedmarked