By Source Defense

Although physical skimming attacks are rising as post-pandemic shoppers return to stores, a new study released this week by Visa Inc. warns businesses that their websites remain a primary target of attackers seeking to steal customer data.

Nearly 75% of fraud and data breach cases investigated by Visa’s Global Risk team involved ecommerce merchants, according to the Visa Biannual Threats Report. Digital skimming attacks targeting ecommerce platforms and third-party code integrations are common. 

“The targeting of eCommerce platforms and third-party code integrations are among the most common tactics utilized by threat actors conducting digital skimming attacks,” the report states. “These eCommerce attack tactics are further affirmation that threat actors are targeting supply chains and third-party service providers with high frequency and exhibiting continued interest in payment account data and personally identifiable information (PII).”

In May 2022, Visa’s Payment Fraud Disruption (PFD) identified a digital skimming campaign in which the threat actors exploited code integrations leveraged by the targeted merchants, such as marketing tools and tracking, that are enabled on the merchant checkout pages. In the incidents investigated by PFD, the third-party marketing tools and scripts were compromised by threat actors, and malicious JavaScript code was embedded into the otherwise legitimate code owned by the third party. The third-party code, which contained a malicious JavaScript skimmer, was then integrated into the merchant checkout page, enabling the threat actors to harvest payment account data entered into the forms on the checkout page.

“These campaigns reflect the need for stringent security controls on merchant websites and checkout pages, and merchants must also ensure that external code is not enabled on sensitive cardholder environments, such as the checkout page on eCommerce merchant websites,” the Visa study states.
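An added example (not code from the Visa report or from Source Defense) of the inventory step behind that recommendation: it lists the scripts a checkout page loads from other origins and marks each as unapproved, approved but unpinned, or approved and pinned with Subresource Integrity. The function name, status labels, hosts and sample HTML are constructed for illustration.

```javascript
// Constructed sample checkout page; all hosts are placeholders.
const SAMPLE_CHECKOUT_HTML = `
<html><head>
  <script src="/static/checkout.js"></script>
  <script src="https://cdn.payments.example/sdk.js"
          integrity="sha384-CONSTRUCTEDPLACEHOLDER" crossorigin="anonymous"></script>
  <script async src="//tags.marketing.example/track.js"></script>
  <script>window.cartId = "demo";</script>
</head><body><form id="payment"></form></body></html>`;

// Hypothetical helper: return one finding per <script> that pulls code from
// an origin other than the checkout page's own.
function auditCheckoutScripts(html, pageUrl, approvedOrigins = []) {
  const pageOrigin = new URL(pageUrl).origin;
  const approved = new Set(approvedOrigins);
  const findings = [];
  const tagRe = /<script\b([^>]*)>/gi; // opening tags only, attributes captured
  let m;
  while ((m = tagRe.exec(html)) !== null) {
    const attrs = m[1];
    const src = /(?:^|\s)src\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))/i.exec(attrs);
    if (!src) continue; // inline script, nothing fetched
    // Resolve relative and protocol-relative URLs against the page URL.
    const url = new URL(src[1] ?? src[2] ?? src[3], pageUrl);
    if (url.origin === pageOrigin) continue; // first-party code
    // An integrity attribute pins the file's hash, so a modified copy of the
    // third-party script fails to load instead of running on the page.
    const pinned = /(?:^|\s)integrity\s*=/i.test(attrs);
    let status = "unapproved";
    if (approved.has(url.origin)) {
      status = pinned ? "approved-pinned" : "approved-unpinned";
    }
    findings.push({ url: url.href, origin: url.origin, status });
  }
  return findings;
}

const report = auditCheckoutScripts(
  SAMPLE_CHECKOUT_HTML,
  "https://shop.example/checkout",
  ["https://cdn.payments.example"]
);
for (const f of report) console.log(`${f.status.padEnd(18)} ${f.url}`);
```

A static scan like this sees only the scripts present in the delivered HTML; scripts injected at runtime by other scripts need in-browser monitoring or a Content Security Policy to catch.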

Beyond attacks on traditional currency, threat actors are employing new tactics to defraud cryptocurrency users, including malware targeting browser extension wallets for crypto users. 

In February 2022, threat actors deployed malware designed to steal cryptocurrency from victims’ browser extension wallets. The new malware, called Mars Stealer, directly targeted more than 40 types of cryptocurrency digital wallets that work as browser extensions, as well as targeting popular two-factor authentication (2FA) extensions.

How Source Defense Can Help

Source Defense helps online retailers balance superb customer experience with critical security without compromising website performance or stability. We create virtual pages that isolate the 3rd party scripts from the eCommerce website. The virtual pages are an exact replica of the original pages, excluding what the 3rd parties are not supposed to see. We monitor all 3rd party script activities on the virtual pages. If the activity is within the bounds of what the script is allowed to do, we transfer it from the virtual page to the original page. If not, we keep the activity on the virtual pages, isolated from the user, thwarting any malicious activity such as digital skimming.

With attacks on eCommerce websites on the rise, ensuring that your customers’ payment and personal information is protected should be a priority if you want to avoid the implications of a data breach.

Source Defense protects your website from the growing threat of Magecart, Formjacking, and other digital skimming cyberattacks:

  • Isolating scripts from the page
  • Evading harmful activities
  • Applying best practices
  • Securely enhancing websites
  • Continuing to benefit from 3rd parties

Ultimately, the Source Defense platform offers a simple way to manage the 3rd party risk in your digital supply chain and prevent attacks from the client side. Waiting to act is simply waiting to be attacked. Request a demo of the Source Defense platform and get a personalized threat analysis for your business.

PCI DSS 4.0 makes client-side security a priority.

Source Defense delivers a solution for 6.4.3 and 11.6.1 without adding a burden to your security teams.
