As we advance our digital lives, threats we face on a daily basis are getting more and more sophisticated. Cybercriminals are always looking for new ways to steal from people. Sometimes it is personal information that is sold on the dark web for monetary gain and other times there are direct attacks on people's bank accounts.
Cybercrimes are extremely dangerous as they do not involve physical contact between the victim and the perpetrator. The criminals could be sitting in any part of the world to carry out various kinds of attacks on people, such as phishing, scams and stealing through malware. FBI is warning people about a new online threat that could potentially empty your bank accounts.
What is e-skimming or Magecart?
Skimming of debit cards is a known trick to steal from unsuspecting people. But FBI is warning about e-skimming, which can be extremely dangerous. According to a CNBC report, cybercriminals can break into a web server that supports online shopping websites. Once hacked, people shopping online on those compromised websites are at huge risk of losing their money.
"It's hard to put really — definite numbers around it. But one thing we know for sure is that millions of credit card numbers have been stolen, even over the course of the past two years," Herb Stapleton, section chief for the FBI's cyber division told CNBC.
Hackers use the compromised websites to skim for credit card, banking and personal information, which can fulfil their monetary desire. The report suggests popular brands have been victimized by e-skimming. They include Macy's, Puma's Australian website, Ticketmaster's UK website and British Airways.
"It's nearly impossible for a consumer to detect that this has happened to them before the actual occurrence. The site that they would look at, which is already infected, would look no different to a consumer," Stapleton added.
Randy Pargman, senior director for threat hunting and counterintelligence at Binary Defense, said any retailer with a significant online presence and accepts online orders is concerned about e-skimming.
How to protect yourself against e-skimming?
The best practices of online shopping or digital transactions all apply here. In addition, there are a few factors that need to be practised every time you go online to buy a product.
- Using a credit card has lower liability for fraud
- Ask your bank for a virtual credit card, which can be used for specific transactions or merchant
- Always (always) go through your statements for unusual transactions
- Always make sure the website has 'https' certification
- Identify a fake website by clicking on the social and other buttons on the website
For end users, it is not easy to identify fake or compromised website, which is why companies should step up their cybersecurity efforts.
"There's records of what's happening on the web server. You need to monitor those to make sure that there's no signs of an attacker who's logging on and taking control of the web server," Pargman noted.