FBI warns small and medium-sized businesses and government agencies to protect against E-skimming attacks. The attack focuses on e-commerce websites.
With the E-skimming attacks, an attacker could inject malicious codes into the website that harvests the credit or debit card data or personally identifiable information (PII).
How Attackers Inject Code
The attack impacted e-commerce companies in the retail, entertainment, and travel industries as well as utility companies and third-party vendors.
Attackers can inject malicious code by exploiting a vulnerability in an e-commerce platform or by gaining access to the victim’s network through a phishing email.
The attack also comes through third-party plugins and supply chains of victim website or by exploiting vulnerabilities in the website such as XSS.
“Regardless, once he is in, he can load the malicious code and capture the credit card data in real-time as the user enters it. He either then sells the data on the darknet or uses it to make fraudulent purchases himself,” reads FBI Report.
How Business Protect Against the Attack
- Update and patch all systems with the latest security software. Anti-virus and anti-malware need to be up-to-date and firewalls strong.
- Change default login credentials on all systems.
- Educate employees about safe cyber practices. Most importantly, do not click on links or unexpected attachments in messages.
- Segregate and segment network systems to limit how easily cybercriminals can move from one to another.
What Victims Can Do
- Identify the source of skimming code to determine access point – network, third party, or other.
- Save a copy of the skimming script or malicious loader domain to report to law enforcement.
- Change pertinent credentials.
- Refer to your Incident Response Plan, if applicable