Formjacking

What is Formjacking?

Formjacking involves an attacker placing malicious code on a normally reputable website to steal the personal information you enter; in other words, it is an online or virtual version of a credit card or ATM skimming device. This practice has successfully targeted businesses of varying size, though small to medium-sized retailers are more frequent victims. Attackers often gain access through third-party add-ons and plug-ins that are part of a business website. Formjacking can target any type of online form, so attackers may steal not only credit card and banking information but also Social Security numbers, passport numbers, and more. According to estimates, thousands of websites have been affected.

How to Recognize This Threat: Users will likely not notice anything until they later discover fraudulent purchases on credit card or bank statements. Businesses whose sites have been compromised may similarly remain unaware for lengthy periods, as the malicious code may not be noticed until the website code is next updated (which could be several months later). Businesses can potentially identify a compromise sooner if they closely monitor outbound traffic for suspicious activity, which gives them a cue to dig deeper.

How to Prevent This Threat: Consumers can take measures to protect themselves, such as using a dedicated credit card for online purchases only, which makes suspicious purchases quicker to identify. Avoiding the use of a debit card online is also helpful, as credit cards offer better protection against fraudulent purchases. In addition to strong visibility, businesses should have complete network security solutions in place to make it as difficult as possible for an attacker to gain access and place malicious code. That means a firewall with security services including a web application firewall, regularly updated software, and a close watch on any third-party plug-ins used in web development.
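
One way a business could keep the close watch on third-party scripts described above, shown as an added example that is not part of the original article: a Python check that lists the script sources and form targets on a checkout page and flags hosts outside an approved list, as well as approved third-party scripts that lack a Subresource Integrity attribute. The page URL, hostnames, allowlist and sample HTML are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Constructed sample: a checkout page carrying one unexpected third-party script.
SAMPLE_HTML = """
<html><head>
<script src="/static/checkout.js"></script>
<script src="https://cdn.payments.example/v3/sdk.js"
        integrity="sha384-PLACEHOLDER" crossorigin="anonymous"></script>
<script src="https://cdn.analytics-widgets.example/tag.js"></script>
</head><body>
<form action="https://shop.example/pay" method="post">
<input name="card_number"><input name="cvv">
</form>
</body></html>
"""

class ResourceCollector(HTMLParser):
    """Collect script sources and form targets from a page."""
    def __init__(self):
        super().__init__()
        self.resources = []  # tuples of (kind, url, has_integrity)

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "script" and a.get("src"):
            self.resources.append(("script", a["src"], "integrity" in a))
        elif tag == "form" and a.get("action"):
            self.resources.append(("form", a["action"], False))

def audit_page(html, page_url, allowed_hosts):
    """Return findings for hosts outside the allowlist or scripts lacking SRI."""
    collector = ResourceCollector()
    collector.feed(html)
    page_host = urlparse(page_url).hostname
    findings = []
    for kind, url, has_integrity in collector.resources:
        # Resolve relative URLs against the page so first-party paths match.
        host = urlparse(urljoin(page_url, url)).hostname
        if host != page_host and host not in allowed_hosts:
            findings.append((kind, host, "host not in allowlist"))
        elif kind == "script" and host != page_host and not has_integrity:
            findings.append((kind, host, "third-party script without integrity attribute"))
    return findings

if __name__ == "__main__":
    allowed = {"cdn.payments.example"}  # assumed list of approved third parties
    for finding in audit_page(SAMPLE_HTML, "https://shop.example/checkout", allowed):
        print(finding)
```

This check only sees what is in the served HTML, so scripts injected at runtime still need the outbound traffic monitoring mentioned above.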