Over 4,800 sites hit monthly by cybercriminals for payment data

Thursday 21 February 2019 09:31 CET | News

Security solutions provider Symantec has found that over 4,800 websites were being hit monthly by cyber-thieves who implant code to scoop up payment card numbers.

High-profile victims of these attacks include airline BA and Ticketmaster. More established techniques involving ransomware and mining cryptocurrencies have proved less and less lucrative over time, Symantec said, and as a result online crime groups had turned to scooping payment data.

‘Attack codes’ are inserted either when sites fail to update core software to close loopholes or via insecure third-party apps, such as chat apps, analytics packages or other extras. The line of code enables attackers to monitor payment card info being entered and they siphon it off.

In 2018, Symantec had stopped more than 3.7 million form-jacking attacks. Ransomware was also still widely used, however infections from ransomware had fallen by 20% in 2018 compared with 2017.

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: Symantec, payment data, ransomware, fraud prevention, cybercriminals, jacking attacks, study
Countries: World

Industry Events