As businesses increasingly rely on online transactions, cybercriminals have developed a scheme to exploit this process and steal sensitive information. This growing cyberthreat, known as formjacking, poses significant risks to businesses; it is difficult to prevent and can lead to major financial losses and reputational damage.
Formjacking is a cyberattack method in which a threat actor injects malicious JavaScript into a website, often one that contains an online payment form. Once the targeted page has been compromised, the added code allows the hacker to collect sensitive data, such as credit card numbers, addresses and phone numbers. This data is sent to the cyberattacker’s domain after unsuspecting users enter their information and click “submit” to complete a transaction. Malicious actors can then use the stolen data in identity theft schemes, payment card fraud scams and account takeover attacks, or sell it to other criminals. Stolen information can also be used to create fraudulent accounts and distribute malware. The hacker’s code may be loaded through various methods, such as by exploiting a vulnerability in a business’s website, employing a phishing scam in which the cyber intruder gains access to a company’s checkout page, or compromising a third party’s app or JavaScript used by a business.
According to software company Symantec, approximately 5,000 websites are compromised with malicious formjacking code each month. Formjacking attacks can damage an organization’s reputation and result in regulatory penalties.
Although detecting malicious formjacking code and preventing attacks can be difficult, there are several measures businesses can take to identify potential issues and reduce the risk of this cyberthreat. Organizations can consider these four strategies:
- Practice cyber hygiene. Organizations should keep software, patches and extensions up to date. Establishing a content security policy and using firewalls and subresource integrity tags can also help prevent the injection of malicious data onto business websites.
- Scan and audit website code regularly. Organizations should frequently scan and audit website code to check its integrity. Furthermore, monitoring and analyzing web logs and JavaScript behaviour can help organizations detect malicious activity, and checking where a browser is sending data is also key in stopping formjacking attacks.
- Utilize cyber defence techniques. Organizations should leverage cyber defence measures such as obfuscating JavaScript to make code more difficult for cyberattackers to understand. Implementing network segmentation can also limit network exposures and malicious actors’ lateral movement capabilities.
- Implement ongoing cybersecurity measures. Organizations can limit exposures by thoroughly testing websites before they are publicly launched, executing penetration testing to discover vulnerabilities, and monitoring the supply chain to ensure vendors whose code is being used follow cybersecurity best practices.
Did you know that 60% of small and medium businesses don’t survive after a cyber attack? Protect your business with Cyber Insurance, call us at 780.424.2727 or click here to get a quote.