Hackers & Attackers are 'Formjacking' Thousands of Website to Steal User Data Every Month
CEO Insights Team
Symantec has seen a major uptick in formjacking attacks recently, with publicly reported attacks on the websites of companies including Ticketmaster, British Airways, Feedify, and Newegg by a number of groups summarized as Magecart being the most prominent examples. “Each month we discover thousands of formjacking infected websites, which generate millions of dollars for the cyber criminals,” states Candid Wueest, Principal Threat Researcher, Symantec.
As per the report, India ranks third with 5.7 percent of global detections. Symantec highlights in the report that they have blocked more than 2.3 million formjacking attacks globally in Q2/2019. In the first six months of 2019, users in the US were by far the most exposed to formjacking attacks with 52 percent of all global attacks,
Each month we discover thousands of formjacking infected websites, which generate millions of dollars for the cyber criminals
up from 33 percent in 2018.
With such sophisticated attacks, website owners should be aware as this could generate attached costs for affected organizations resulting from things like customer notification processes and possible fines. In addition to the cost of the data breach, there is also a loss of customer trust and damage to the organization’s brand reputation. This can be especially devastating for online stores which heavily depend on customer orders.
“Consumers often don’t notice that they have become a victim to a formjacking attack as it can happen on a trusted online store with the HTTPS padlock intact. Therefore, it is important to have a comprehensive security solution that can protect you against Formjacking attacks,” adds Wueest.
With sophisticated and stealthy attackers like Magecart, the solution for being safe for website owners is to use several different methods to protect their web presence from formjacking. A baseline standard should be to harden any server or service used for hosting the website. This includes scanning local files for any malicious scripts and implementing change control measures to validate and authorize all changes - similar to classic defacement prevention. They must monitor behavior of all activity on a system that can also help identify any unwanted patterns and allow you to block a suspicious application before any damage can be done.