As the holiday shopping sets in, experts warn of e-skimming hacks
As large box stores start their holiday sales by announcing their online offers for clothes, electronics and toys, families too are readying their lists of purchases. But this week FBI has issued a warning about how hackers are skimming information about buyers’ credit and debit cards from online purchases. Skimming card information used to be a regular hack used by thieves to steal information from ATM’s, gas stations and stores when buyers swipe cards for purchases by using a piece of hardware.
Now digital hackers are using e-skimming techniques to steal card information online which does not leave any telltale sign. FBI issued a warning to people during National Cyber Security Awareness Month which specified that small and medium business organizations and government agencies are especially vulnerable. The agency’s note specified that e-skimming is carried out by criminals by injected malicious code into websites by gaining access through phishing attacks targeted at employee level.
Sometimes it is also carried out by sending malicious code through third party vendors attached to e-commerce company servers. Online shopping brings business worth billions for online retailers during holiday season and last year 41.4 million Americans purchased products online during Thanksgiving and Cyber Monday. As per data from National Retail Federation around 89.7 million people did online shopping across the year. After hackers are able to gather employee credentials they can easily put malicious code on the website gather buyer payment information.
According to founder and CEO of cyber-security company Evervault Shane Curran, they collect all information about buyers that company collects from buyers like email address, along with sensitive data like social security number, credit card number and passwords. This hacking is worrisome as buyers have no clue that their information is being stolen as it works behind the scenes. Apparently even recognizable brands are not immune to attacks so cardholders should have purchase alerts on all cards or use third party payment options whenever possible.