Why formjacking is one of the biggest threats facing businesses in 2019

Why formjacking is one of the biggest threats facing businesses in 2019

Keeping up with the ever-changing world of cybercrime is never easy. 2017 was the year of ransomware rose to global infamy, 2018 saw cryptojacking malware take over, and this year has seen the rise of a whole new threat category — formjacking. Instead of trying to break into your bank accounts, cybercriminals are now intercepting login data before it even gets to its intended destination.

How does formjacking work?

With cryptocurrencies seeing dramatic decreases in value, cybercriminals are turning to more lucrative ways to exploit businesses and individuals. Formjacking attacks intercept information directly from an eCommerce site. With around 5,000 compromised websites appearing every month in 2018, the threat wasn’t widely known then. However, this year has already seen almost four million formjacking attempts, according to Symantec.

Formjacking works by planting malicious code into a website, typically one belonging to an eCommerce provider or any other organization that collects payment information online. The code steals information like payment card details and other personal data. The stolen data is then sent to a hidden server where the criminal will either misappropriate it themselves or try to sell it on the dark web.

Perhaps the scariest thing about formjacking is that attacks have successfully targeted several major businesses, including British Airways, Newegg, Target, and Home Depot, raking in more than $16 million from BA alone. But it’s also important to remember that any organization is a potential target, with smaller businesses being a favorite due to hackers perceiving them as easy targets.

The consequences of formjacking

Unsurprisingly, a successful formjacking attack can have devastating consequences for brand reputation. While customers can normally get their money back when using a credit card, it’s not usually the case with debit cards and other payment methods. And, if the theft happens on a legitimate company website, then customer sentiment is going to plummet. On top of that, there are matters of regulations compliance to think about, and data breaches can lead to huge fines. British Airways is now facing a fine of $231 million for failing to protect its customers’ data.

Who’s behind these attacks?

As with all cyberthreats, there are many individuals and organized crime groups that are involved with the recent spate of formjacking attacks. However, the name you’ll most often encounter is Magecart, which refers to the software most often used to inject malicious formjacking code into eCommerce websites. There are various groups involved in the spread of the malware, including ones that have a very high volume of targets and others that target third-party partners to breach multiple targets. Other groups exclusively go after major brand names, such as BA, to skim hundreds of thousands of payment cards in short order.

How can you protect your business?

Formjacking usually takes the form of malicious JavaScript, but blocking JavaScript can only be done by the end user through a browser extension. Businesses need to make every effort to protect their websites in the first place. This includes using sub-resource identity (SRI) tags to ensure files don’t contain unexpected content, proactively monitoring all outbound traffic, and securing your supply chain. Hackers often operate by targeting a business’s third-party suppliers, such as application developers, so you need to be extremely careful about which organizations you do business with.

Midwest Data Center is your trusted IT partner. We provide proactive cybersecurity solutions and expert guidance to help your business grow without adding risk. Call us today to find out more.

FREE eBook: A comprehensive guide on minimizing downtime!Download here