FBI Gives An Alert Regarding E-Skimming Threats and Recommendations for Minimizing Risk


The Federal Bureau of Investigation gave an alert regarding e-skimming threats, after attacks on SMBs and government institutions increased.

E-skimming refers to the injection of malicious code into online payment processing websites. The code steals the debit and credit card details of users as they enter them on the payment page, and the data is silently sent in real time to a domain the attacker controls.

Attacks may target any organization using an online payment system. Companies in the retail, entertainment, travel and utility sectors are targeted most often. Third-party providers, for instance those that offer web analytics and internet advertising, are attacked as well.

Not long ago, Mission Health in Western North Carolina reported an e-skimming attack. The attackers installed code on its e-commerce websites that stole the credit card data of customers buying health merchandise. The malicious code remained undetected on the websites for three years.

Attackers use a number of methods to gain access to a website and install their malicious code. They may send a phishing email containing a link to a webpage that captures login credentials for the company's e-commerce system. They may also use brute force techniques to guess the password to the e-commerce system, or exploit vulnerabilities in the e-commerce software. Attacks can likewise take place through a compromised supply chain or through a third-party vendor with access to the e-commerce platform, such as an IT firm or managed service provider.

These attacks are usually detected only when many customers complain of financial losses after using an e-commerce site. Credit card companies may recognize fraud patterns and trace them to a particular online payment site, or organizations may notice suspicious code on their domain or modified JavaScript on their website.

The following steps may be taken to minimize risk:

  • Keep the payment software, plugins, and the content management system updated
  • Apply patches released by payment software vendors immediately
  • Enable third-party resource integrity checks and use a Content Security Policy (CSP) to restrict JavaScript to trustworthy domains
  • Perform code integrity checks regularly to detect any modifications to the e-commerce platform code
  • Monitor and analyze web server logs regularly
  • Use anti-virus software or website plugins to help track down malicious code
  • Make sure the business is PCI DSS compliant
  • To safeguard against brute force attacks, create strong, unique passwords
  • Implement multi-factor authentication so that stolen credentials alone cannot be used to access the e-commerce platform
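As an added illustration of the resource-integrity, CSP and code-integrity items above (example code, not part of the FBI alert), the snippet below pins a checkout script with a Subresource Integrity hash, builds a script-src allowlist header, and compares deployed script bodies against a recorded baseline to flag tampering. The script path, host names and script contents are constructed for the example.

```python
import base64
import hashlib

# Constructed sample: the trusted checkout script body as recorded at deploy time.
TRUSTED_CHECKOUT_JS = b"function pay(form) { return submitCard(form); }\n"
# Constructed sample: the same file after an unauthorised line was appended.
TAMPERED_CHECKOUT_JS = TRUSTED_CHECKOUT_JS + b"// unexpected appended code\n"


def sri_hash(body: bytes, algo: str = "sha384") -> str:
    """Return the value for a <script integrity="..."> attribute (SRI format)."""
    digest = hashlib.new(algo, body).digest()
    return f"{algo}-{base64.b64encode(digest).decode()}"


def script_tag(src: str, body: bytes) -> str:
    """Pin a script to its content; a modified copy is refused by the browser."""
    return (f'<script src="{src}" integrity="{sri_hash(body)}" '
            'crossorigin="anonymous"></script>')


def csp_header(trusted_hosts: list[str]) -> str:
    """script-src allowlist: only JavaScript from the site and these hosts runs."""
    return "Content-Security-Policy: script-src 'self' " + " ".join(trusted_hosts)


def changed_scripts(baseline: dict[str, str], current: dict[str, bytes]) -> list[str]:
    """Periodic integrity check: report scripts whose hash differs from the
    baseline or that are not in the baseline at all (newly added files)."""
    return sorted(path for path, body in current.items()
                  if baseline.get(path) != sri_hash(body))


def demo() -> list[str]:
    """Record a baseline, then scan a deployment with one tampered file."""
    baseline = {"/js/checkout.js": sri_hash(TRUSTED_CHECKOUT_JS)}
    deployed = {"/js/checkout.js": TAMPERED_CHECKOUT_JS,
                "/js/dropped.js": b"// file not present in baseline\n"}
    return changed_scripts(baseline, deployed)


if __name__ == "__main__":
    print(script_tag("/js/checkout.js", TRUSTED_CHECKOUT_JS))
    print(csp_header(["https://cdn.example-payments.test"]))
    print("modified or unknown scripts:", demo())
```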