Digital Skimming Increases by 50%, Just in Time for the Holiday Season

Digital Skimming Increases by 50% Just in Time for the Holiday SeasonSecurity researchers identify growth in the use of an ongoing cyberskimming campaign that involves compromising legitimate website checkout code.

We’ve all seen a video that shows someone fidgeting with a credit card terminal only to pull off a very realistic molded cover that looks identical to the actual device beneath it complete with its own circuitry to read and store credit card swipes. Now take that very same idea and put it into the digital world. 

What would a digital skimmer look like? According to security researchers at Malwarebytes earlier this year, it appears as benign code within legitimate webstore checkout code. A recent news release from Malwarebytes states they’re now seeing 50% higher instances of this mode of attack in just a single month, “demonstrating a huge uptick in both compromised sites and opportunity for innocent shoppers to fall victim.”

The problem here is that online shoppers – like their gas station skimmer counterparts in the real world – won’t know or suspect anything until that unauthorized charge comes through some time later. Plus, you won’t know where the breach of your credit card data occurred.

But this attack speaks to a much larger issue; that cybercriminals are getting really good at injecting code into a legitimate checkout process and can do whatever they want. That means it’s possible to see this kind of attack expand to include launching infostealers, leveraging social engineering through ads on the checkout pages, and more all to obtain more from the potential victim buyer than just their credit card.

So, while you can’t do much to stop from becoming a victim of digital skimming, you can still remain vigilant – something taught continually in new-school security awareness training – when online to reduce the likelihood of becoming a victim this holiday season.

KnowBe4 enables your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

Get Your Free 2023 Holiday Security Awareness Resource Kit

It's the busiest time of year for everyone, especially cybercriminals. They know surges in online shopping, holiday travel and time constraints can make it easier to catch users off their guard with relevant schemes. This makes one of the busiest times of year one of the most important times for your employees to stay vigilant against cybersecurity threats.

 That's why we put together this resource kit to help ensure no chunks of cyber-coal end up in your employees’ stockings this season! Use these resources to help your users make smarter security decisions every day.

Holiday-Resource-Kit-2023Here's what you'll get:

  • New! Holiday Cybersecurity World Passport interactive game
  • Two free holiday training modules, available in multiple languages
  • Resources to share with your users, including an educational video, plus security documents and digital signage to reinforce the free modules included in the kit
  • Newsletters about holiday shopping and travel safety for your users
  • Access to resources for you to help with security planning for the upcoming year

Get Your Free Resource Kit Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Subscribe To Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews