Is your business a target?
Customer details – especially usernames, passwords, and payment information – are valuable to hackers.
Any site using a form to capture details like these is a target.
How’s your security?
Unfortunately, your site is only as secure as your weakest third party.
Even if your internal security is air-tight, any third-party script loaded on your website could be compromised. These scripts, loaded during the checkout, could be skimming card information without you realising.
For this reason, many formjacking breaches last for days, weeks or even months because they are extremely difficult to spot.
Who is behind it all?
Incidents of formjacking have been on the rise in recent months. It is a popular tactic used by certain hacking groups referred to collectively as “Magecart”.
Magecart exploit vulnerabilities to exfiltrate user data to sell on the dark web. One popular way of doing this is to target vulnerable third-party providers in order to access larger, more secure organisations.
Whilst your customers browse and purchase on your website, scripts are loaded from third parties.
If a third party is compromised, hackers then have a way to write scripts affecting your website.
Hackers can then intercept customer card details without you even noticing.
Detecting formjacking breaches
Formjacking can be extremely difficult to detect. Hackers are extremely clever at hiding their breaches. Often this means registering domain names that look legitimate at first glance.
However – all formjacking breaches need to send their data somewhere – and this is how we can detect them.