Saturday, September 29, 2018

Online shoppers, beware of this big credit/debit card fraud around Diwali season



With the upcoming festive season in India, more and more people are gearing up to shop online to avail discounts, EMI plans and other offers. The annual sales held by e-tailing giants like Flipkart and Amazon boost online shopping. And as the volume of online financial transactions goes up, scamsters too get active to hack websites and trick shoppers to reveal their credit card details. One of the most common tecnique used by cyber criminals to steal credit card information is 'formjacking'. Cybersecurity company Norton has warned online shoppers of increased 'formjacking' attacks during Diwali season. Here are nine things you need to know about this dangerous hacking technique and how to protect yourself.

Using 'Formjacking', hackers steal credit/debit card information from payments forms on websites

WhatsApp Facebook Google+ Twitter Linkedin
Using 'Formjacking', hackers steal credit/debit card information from payments forms on websites
Formjacking is the term given to describe the use of malicious JavaScript to steal credit/debit card details and other information from payment forms on the checkout web pages of e-commerce sites.

Formjacking is essentially a JavaScript code that collects your payment details

When a visitor of an e-commerce site clicks “submit” or its equivalent after entering their details into a website’s payment form, malicious JavaScript code that has been injected there by the cyber criminals collects all entered information, such as payment card details and the user’s name and address. This information is then sent to the attacker’s servers. Attackers can then use this information to perform payment card fraud or sell these details to other criminals on the dark web.

Hackers used Formjacking to hack British Airways website recently and stole 3.8 lakh credit card details

The recent attack on British Airways and Ticketmaster websites was caused by formjacking attacks. This led to theft of credit card details of 3.8 lakh users.

WhatsApp Facebook Google+ Twitter Linkedin
How to protect yourself: Use strong passwords and avoid using same passwords

Protect your accounts with strong, unique passwords that use a combination of at least 10 upper and lowercase letters, symbols and numbers. Don’t use the same password on multiple accounts in case an account is breached.

How to protect yourself: Don't open email, attachments from unknown people

Think twice before opening unsolicited messages or attachments particularly from people you don’t know or clicking on random links. The message may be from a cybercriminal who has compromised your friend or family member’s email or social media accounts.

How to protect yourself: Change default password of your home internet devices

When installing a new network-connected device, remember to change the default password. If you don’t plan on using the Internet feature(s), such as with smart appliances, disable or protect remote access when not needed. Also, protect your wireless connections with strong Wi-Fi encryption so no one can easily view the data traveling between your devices.