Beware of credit card theft when shopping online at websites
Formjacking, often also known as e-skimming or credit card skimming, is a tactic used by hackers and scammers to hijack online purchase forms in an attempt to steal personal and financial information from victims while they shop. on legitimate online shopping websites.
What is formjacking scam?
Formjacking is a relatively new online scam, which came to the attention of the general public in 2018 and 2019 after several major online retailers, including Target and British Airways, were hacked and the private credit card information of hundreds of thousands of customers were robbed.
How does the E-Skimming scam work?
Form hijacking scammers have also been known to hijack third-party shopping cart providers, allowing them to leak banking and credit card information from multiple online stores at the same time.
The hacker can then use the collected information to place orders online. Often the data will be sold online to other parties and may make the victim the target of other online scams in the future.
How do credit card fraudsters find victims?
Both large and small online businesses have fallen victim to e-skimming hacks and there doesn’t seem to be one specific type of buyer that is targeted more than others.
The hackers behind formjacking are often called Magecart hackers, after the software used to perform e-skimming hacks. However, there is no single Magecart organization. Many independent individuals and groups commit these attacks.
Larger online businesses offer the potential for more formjacking victims, although their sites may be more difficult to hack due to increased security.
Small online stores, such as craft stores, may have fewer customers, but they also generally have less security than larger organizations and are therefore much easier to hack. On smaller sites, these hacks can go unnoticed for a longer period of time.
How can I avoid being involved in this scam?
There are several ways to avoid being a victim of formjacking when shopping online.
- Use Apple Pay or Google Pay. Both services completely hide your credit card information when you shop online.
- Use PayPal. PayPal and other similar online financial services are mostly protected from form hijacking because they don’t require you to enter banking information.
- Register your payment information on the website. If your credit card information is already linked to your account, you won’t need to enter it on the form. However, your financial information may be exposed if the website or database is hacked.
- Check the security status of the website. Although not a complete guarantee, if the online store’s website address begins with https and not http, it may indicate a higher level of security. A lock icon next to the address bar also indicates that a site is using security measures.
- Use a privacy-focused web browser. Some browsers, like Brave, emphasize privacy and security and disable many scripts by default.
- Check your bank statements. The easiest way to make sure your information hasn’t been stolen or sold online is to review your financial statements monthly for suspicious or unusual transactions. You may also want to monitor your credit score.
I am already a victim. That I have to do?
If you think you have been a victim of credit card theft or wire theft, the first thing you should do is contact your bank or credit card provider and place a freeze on all future transactions.
Your credit card provider, depending on the type of card you use, can also reverse any suspicious charges that have been made. You’ll probably be encouraged to get a new credit card because once your credit card information is exposed, it’s almost impossible to secure it again.
If you also entered your phone number in the hacked form, you could become the target of many phone scams, such as the Google Voice code scam, social security calling scams, and the 833 area code scam. watch out for suspicious phone calls.
You can also tell the website owners where you think your information was taken from, as they may not be aware of such a hack.
How can I avoid being targeted by the formjacking scam?
Fortunately, scammers and hackers do not target individuals, as the entire scam is focused on attacking vulnerable websites. You can reduce your chances of falling victim to a hacked website by not entering your personal information and credit card details whenever possible and by following the tips mentioned above.
While it is a different type of online scam, you should also be careful not to be scammed by fake websites that are designed to look exactly like the official sites and are designed to steal your financial information in the same way as e-skimming. or form jacking.