Scoop has an Ethical Paywall
Licence needed for work use Learn More

Video | Agriculture | Confidence | Economy | Energy | Employment | Finance | Media | Property | RBNZ | Science | SOEs | Tax | Technology | Telecoms | Tourism | Transport | Search

 

Kiwis warned – ‘formjacking’ on the rise for Christmas

Norton by Symantec is warning Kiwis that Magecart, the attack group behind high profile attacks on Ticketmaster and British Airways is also launching formjacking attacks on other e-commerce sites.

You can read the full blog post here: https://www.symantec.com/blogs/threat-intelligence/formjacking-attacks-retailers.

What? Norton, powered by Symantec, the world’s largest civilian cyber security network, has seen a major uptick in formjacking attacks recently, with publicly reported attacks on the websites of companies including Ticketmaster and British Airways and is warning Kiwi consumers to take heed ahead of the Festive purchasing period.

36 percent of blocks occurred in the last week.

What is formjacking? It’s a term we use to describe the use of malicious JavaScript to steal credit card details and other information from payment forms on the checkout web pages of e-commerce sites. Formjacking is not a new technique, but recent campaigns are interesting as they are large, sophisticated, and have increased dramatically in the last few weeks.

How does formjacking work? When a customer of an e-commerce site clicks “submit” or its equivalent after entering their details into a website’s payment form, malicious JavaScript code that has been injected there by the cyber criminals collects all entered information, such as payment card details and the user’s name and address. This information is then sent to the attacker’s servers. Attackers can then use this information to perform payment card fraud or sell these details to other criminals on the dark web.

Advertisement - scroll to continue reading

Why does this matter? This is a significant and sustained campaign, with activity increasing substantially in the past week. According to Symantec telemetry, since August 13 we have blocked 248,000 attempts at formjacking — almost a quarter of a million instances. However, more than one third of those blocks (36 percent) occurred during the past week — from September 13 to 20 — indicating that this activity is increasing.

© Scoop Media

Advertisement - scroll to continue reading
 
 
 
Business Headlines | Sci-Tech Headlines

 
 
 
 
 
 
 
 
 
 
 
 
 

Join Our Free Newsletter

Subscribe to Scoop’s 'The Catch Up' our free weekly newsletter sent to your inbox every Monday with stories from across our network.