Online ATM-style scam puts shoppers at risk — Symantec
PARIS — Online shoppers are at a growing risk from a scam that allows hackers to skim their payment details, cyber security firm Symantec warned Wednesday.
“Formjacking” is essentially an online version of ATM tampering, which allows thieves to grab the PIN codes of unsuspecting customers.
On the internet, hackers inject malicious code into retailers’ websites to steal customers’ payment details when they conclude a transaction, Symantec said in its annual report on cyber security.
Cyber criminals heisted tens of millions of dollars last year thanks to the scheme that targets 4,800 websites every month, it added.
Hackers stole payment details from thousands of British Airways customers in an attack last year.
Formjacking has become a more lucrative option for cyber criminals as the value of cryptocurrency declines, Symantec said.
“Faced with diminishing returns from ransomware and cryptojacking, cyber criminals are doubling down on alternative methods, such as formjacking, to make money,” it said.
Cryptojacking attacks steal from cryptocurrency exchanges and ransomware attacks take over computers of businesses and individuals to ransom them for money.
Symantec said it blocked more than 3.7 million formjacking attacks last year. /kga
Subscribe to INQUIRER PLUS to get access to The Philippine Daily Inquirer & other 70+ titles, share up to 5 gadgets, listen to the news, download as early as 4am & share articles on social media. Call 896 6000.