Formjacking attacks can steal your banking details
When you use your credit card to buy something in a shop, pay for your delicious dinner at that new restaurant your friend recommended, or to withdraw some cash from an ATM machine, you do not normally think of credit card skimmers. Most businesses ensure the safety of their customers by controlling physical access to the terminals, to help avoid possible tampering. However, shopping online has become increasingly important in the last years and millions of transactions are happening this way every single day.
Malicious cybercriminals realised this phenomenon and started to implement their credit card skimming techniques on the internet, and which we call “formjacking” attacks (as they hijack the virtual forms implemented on websites).
Websites use a complex set of technologies that make it difficult to totally protect from hackers, in a nutshell, attackers take advantages of small errors in these different components that websites include (external or internal to their service) and introduce code snippets that do not interfere with the functionality of the websites but allow them to implement their attacks.
Multiple companies have suffered these attacks, and many of them do not even realize until a large set of their customers’ payment details have been compromised. At Norton Labs, we developed a method to monitor and detect these behaviours by analysing how the distinct parts of the website and their corresponding code interact with the credit card data that is introduced on their forms. We observe and scrutinize the forms that interact with user data. In this way, we can expose new attacks that may extract this information maliciously.
Detecting these types of attacks is close to impossible for users, as the changes implemented by attackers are normally not visually perceptible and do not generally interrupt the usual shopping flow. To solve this problem, we implemented a new feature in Norton Safe Web, that will help us inform our customers about possible attacks in real time.
Norton Safe Web helps you surf, search and shop more safely online. It analyses websites that you visit and helps detect if there are any viruses, spyware, malware, or other online threats.
Based on the analysis, Norton Safe Web provides safety ratings for websites, before you visit them. Now, Norton Safe Web has new features to help protect in new ways.
Should you use the Norton Safe Web browser extension? Yes!
Not everyone likes browser extensions, and some can feel unnecessary or intrusive. However, there is one browser extension that is very important to help protect you on the Web, and that is the Norton Safe Web extension.
Check out our Norton products with Norton Safe Web at our great prices: https://simplyantivirus.co.uk/collections/norton-antivirus-security