Online shopping is quick and convenient, but there are hidden dangers lurking beneath the surface. Researchers have been monitoring ongoing web skimming campaigns that target businesses linked to major payment networks. Web skimming involves injecting malicious code into checkout pages, allowing criminals to steal payment information entered by shoppers.
These attacks go unnoticed during the browsing experience, and many people only realize something is wrong when they see unauthorized charges on their statements.
Understanding Magecart
Magecart refers to a group that specializes in web skimming attacks, focusing mainly on e-commerce sites where payment information is submitted. Instead of targeting banks or card networks directly, these attackers insert malicious JavaScript into a store’s checkout page to capture sensitive information like card numbers and expiration dates. Because everything appears to function normally, it’s particularly difficult for consumers to detect.
Who’s at Risk?
This ongoing campaign is reportedly aimed at merchants associated with several large payment providers, which include:
- American Express
- Diners Club
- Discover
- JCB Co., Ltd.
- MasterCard
- UnionPay
Companies that utilize these payment methods face significant risks due to the complexity of their websites and third-party tools.
How Do Attackers Gain Access?
Attackers often exploit overlooked vulnerabilities—like insecure third-party scripts or outdated website components—to inject their code into checkout flows. Once they gain access, the skimmer quietly tracks any form field containing payment information and sends it to the attacker’s server.
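For merchants, one way to check for the third-party script exposure described above is to inventory the external scripts a checkout page loads. The Python sketch below is an added example, not part of the original article. The host names, the allow-list, the issue labels and the sample HTML are all constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumptions (constructed): the shop's own host and the script hosts it has reviewed.
FIRST_PARTY = "shop.example"
ALLOWED_HOSTS = {FIRST_PARTY, "js.payments.example"}

class ScriptAudit(HTMLParser):
    """Records external <script> tags that deserve review on a checkout page."""
    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        attr = dict(attrs)
        src = attr.get("src")
        if tag != "script" or not src:
            return  # this sketch covers external scripts only
        parsed = urlparse(src)
        host = parsed.hostname or FIRST_PARTY  # relative URL means first party
        issues = []
        if host not in ALLOWED_HOSTS:
            issues.append("unlisted-host")       # script source nobody signed off on
        if host != FIRST_PARTY and not attr.get("integrity"):
            issues.append("no-sri")              # third-party file can change silently
        if parsed.scheme == "http":
            issues.append("insecure-transport")  # can be modified in transit
        if issues:
            self.findings.append((src, issues))

def audit(html):
    """Return a list of (script URL, [issue labels]) for one page."""
    parser = ScriptAudit()
    parser.feed(html)
    return parser.findings

# Constructed sample page; the integrity values are placeholders, not real hashes.
SAMPLE_CHECKOUT = """
<html><head>
<script src="/static/cart.js"></script>
<script src="https://js.payments.example/v3/fields.js"
        integrity="sha384-CONSTRUCTEDPLACEHOLDER" crossorigin="anonymous"></script>
<script src="https://cdn.analytics.example/tag.js"></script>
<script src="http://widgets.example/chat.js" integrity="sha384-CONSTRUCTEDPLACEHOLDER"></script>
</head><body><form id="payment"></form></body></html>
"""

if __name__ == "__main__":
    for src, issues in audit(SAMPLE_CHECKOUT):
        print(src, ", ".join(issues))
```

Running the audit on a schedule and comparing the results with the previous run shows when a new script source appears on the checkout page.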
Why Detecting These Attacks is Tough
The malicious code is often designed to be difficult to identify. Some versions can even erase an admin session upon detection, masking the signs of a breach. Additionally, this campaign utilizes “bulletproof hosting,” which ignores abuse complaints and allows attackers to operate with relative freedom.
Who Gets Hurt?
Magecart campaigns affect multiple parties:
- Shoppers who unwittingly provide their card information
- Merchants whose checkout systems have been compromised
- Payment providers, who only detect fraud after losses occur
This interconnected risk makes it slower and more challenging to identify and address problems.
Tips for Safe Online Shopping
While consumers can’t fix compromised checkout systems, adopting certain habits can help shield them from fraud.
1) Use Virtual or Disposable Cards
Virtual and single-use card numbers provide an extra layer of security. These numbers are linked to actual bank accounts but do not reveal your real card number. They can be generated by various services, including major banks and mobile wallets.
2) Set Up Transaction Alerts
Real-time transaction alerts can inform you of any card activity, no matter how small. This early warning system gives you a chance to react quickly to potential fraud.
3) Secure Your Financial Accounts
Use strong, distinct passwords for banking portals, and use a password manager to create and store them securely.
4) Use Strong Antivirus Software
Effective antivirus programs can block connections to domains that facilitate skimming and alert you to unsafe sites.
5) Leverage Data Deletion Services
These services help minimize your personal data exposure online, making it harder for criminals to tie your stolen payment details to your identity.
6) Be Vigilant About Card Activity
Since fraudsters often test stolen cards with small purchases, keep an eye on your statements for any unexpected charges.
Final Thoughts
The Magecart web skimming phenomenon highlights how attackers can exploit trusted online shopping environments without disrupting the buying process. Although individual consumers can’t rectify compromised sites, they can adopt strategies to better protect themselves and detect fraudulent activities early. Trust is essential in online transactions, and this situation underscores the importance of safeguarding that trust.
