FIND ALL YOUR CYBER SECURITY ANSWERS ON OUR WIKI PAGEThe Cert2Connect wiki for a clear overview of terminology and the many abbreviations in the cyber, cloud and software security landscape.
Web skimming, also known as "Magecart attacks", refers to a form of cyber attack in which attackers inject malicious code into e-commerce websites to steal customer payment information. These attacks target online shopping carts and payment pages of websites to pass sensitive information, such as credit card information, to the attackers.
Here's how it typically works:
2. Data theft: The malicious code collects information from the payment details entered, such as credit card numbers, expiration dates and security codes, as customers enter these details during the checkout process.
3. Data forwarding: The stolen data is forwarded to the servers controlled by the attackers, where they can use the data for fraudulent activities, such as performing unauthorized transactions.
4. Web skimming attacks can cause significant damage to both e-commerce companies and customers. It can lead to financial loss, reputational damage and loss of customer confidence. Protecting against web skimming requires regular website security audits, updating software and patches, and implementing security measures such as Web Application Firewalls (WAFs) to detect and prevent such attacks.