Today we’re talking about a serious threat to watch out for. Magecart refers to a hacker group that originally targeted global brands using Adobe’s eCommerce platform Magento but has since expanded to other platforms, and it poses a threat to anyone who operates or makes purchases on an eCommerce website. The attack skims credit card information from shoppers by injecting malicious JavaScript into the legitimate code that already runs in the browser, which makes it difficult to detect.
How Does it Work?
Skimming, also known as formjacking, is one of the most common forms of digital data theft. Formjacking is responsible for ¾ of all data breaches, half of which affect the retail industry. An attack can involve placing fake forms directly on a website’s checkout page, injecting code that digitally skims personal data, or redirecting customers to a fake checkout page; in every case the sensitive data goes straight to the attackers, who then sell it or use it to make fraudulent purchases. The skimmer can also be hidden inside third-party code, which is much harder to detect and can give the attackers access to other vendors as well.
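The defensive counterpart to the techniques above is knowing exactly which scripts and form destinations your checkout page ships to the browser, and noticing when one of them changes. The following Python script is an added example, not code from the original post or from any vendor mentioned on this page: it parses a page, hashes each inline and external script, compares them with an approved baseline, and flags any form whose action points at a host you have not allow-listed. Every page snippet, URL and script body in it is constructed for the demo, and the `fetched` dictionary stands in for whatever your own fetcher would download.

```python
# Added example (not from the original post): check the scripts and form targets
# a checkout page ships to the browser against an approved baseline.
# All page content, URLs and script bodies below are constructed; nothing is fetched.
import hashlib
from html.parser import HTMLParser
from urllib.parse import urlsplit


class _PageCollector(HTMLParser):
    """Collect every <script> (external src or inline body) and every <form action>."""

    def __init__(self):
        super().__init__()
        self.scripts = []   # (src or None, inline body text)
        self.forms = []     # form action attribute values
        self._script = None

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "script":
            self._script = {"src": attrs.get("src"), "body": []}
        elif tag == "form":
            self.forms.append(attrs.get("action") or "")

    def handle_data(self, data):
        if self._script is not None:
            self._script["body"].append(data)

    def handle_endtag(self, tag):
        if tag == "script" and self._script is not None:
            self.scripts.append((self._script["src"], "".join(self._script["body"])))
            self._script = None


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def audit_page(html, fetched, baseline, allowed_form_hosts):
    """Compare one rendered checkout page against the approved baseline.

    fetched:  {script URL: bytes} as returned by your own fetcher (simulated here)
    baseline: {"external": {URL: sha256 hex}, "inline": {sha256 hex, ...}}
    Returns a list of findings; an empty list means the page matches the baseline.
    """
    page = _PageCollector()
    page.feed(html)
    findings = []
    for src, body in page.scripts:
        if src is None:
            digest = sha256_hex(body.encode("utf-8"))
            if digest not in baseline["inline"]:
                findings.append(f"unapproved inline script (sha256 {digest[:12]}...)")
            continue
        content = fetched.get(src)
        if content is None:
            findings.append(f"external script {src} could not be fetched for verification")
        elif src not in baseline["external"]:
            findings.append(f"unapproved external script {src}")
        elif sha256_hex(content) != baseline["external"][src]:
            findings.append(f"external script {src} changed since baseline")
    for action in page.forms:
        host = urlsplit(action).netloc
        # A relative action posts back to the site itself; any other host must be allow-listed.
        if host and host not in allowed_form_hosts:
            findings.append(f"form posts to unapproved host {host}")
    return findings


# ---- constructed demo data (hypothetical shop, not a real site) ----
KNOWN_GOOD_CHECKOUT_JS = b"document.getElementById('pay').addEventListener('submit', validate);\n"
TAMPERED_CHECKOUT_JS = KNOWN_GOOD_CHECKOUT_JS + b"/* extra bytes appended after the baseline was taken */\n"
APPROVED_INLINE = "window.cartTotal = 42.00;"
UNREVIEWED_INLINE = "/* inline snippet nobody approved */"

BASELINE = {
    "external": {"/static/checkout.js": sha256_hex(KNOWN_GOOD_CHECKOUT_JS)},
    "inline": {sha256_hex(APPROVED_INLINE.encode("utf-8"))},
}
ALLOWED_FORM_HOSTS = {"pay.shop.example"}

CLEAN_HTML = (
    '<form action="/checkout/submit"><input name="card"></form>\n'
    f"<script>{APPROVED_INLINE}</script>\n"
    '<script src="/static/checkout.js"></script>'
)
TAMPERED_HTML = (
    '<form action="https://collector.example.invalid/submit"><input name="card"></form>\n'
    f"<script>{APPROVED_INLINE}</script>\n"
    f"<script>{UNREVIEWED_INLINE}</script>\n"
    '<script src="/static/checkout.js"></script>'
)
FETCHED_CLEAN = {"/static/checkout.js": KNOWN_GOOD_CHECKOUT_JS}
FETCHED_TAMPERED = {"/static/checkout.js": TAMPERED_CHECKOUT_JS}

if __name__ == "__main__":
    print("clean page:", audit_page(CLEAN_HTML, FETCHED_CLEAN, BASELINE, ALLOWED_FORM_HOSTS))
    for finding in audit_page(TAMPERED_HTML, FETCHED_TAMPERED, BASELINE, ALLOWED_FORM_HOSTS):
        print("tampered page:", finding)
```

On the clean page the audit returns nothing; on the tampered page it reports the unapproved inline snippet, the external script whose hash no longer matches, and the form that now posts to a host outside the allow-list. Running such a check on a schedule against the live checkout page, rather than only against your source repository, is what catches a skimmer that was introduced through a vendor's CDN or a compromised server rather than through your own code.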
Victims
One Magecart attack injected only 22 lines of code but resulted in the attackers earning 12 million dollars from selling the stolen data. These scams are often not detected until it is too late. The following are a few examples of organizations that have been impacted:
Magento is third-party shopping-cart software from Adobe, which is where Magecart gets its name. To this day, Magento remains the biggest target for these attacks.
British Airways experienced attacks that resulted in 380,000 customers’ data being stolen. The attackers targeted both the website and the mobile application: they duplicated the JavaScript payment form and modified the form’s destination so they could receive users’ data without detection.
Children’s apparel brand Hanna Andersson experienced an attack that went unnoticed for two months. 200,000 customers were potentially affected, and the brand was required to pay $400,000 in the settlement.
How to Avoid an Attack
For businesses: pay close attention to third-party code, and ask your third-party vendors to do the same. Where possible, serve that code from your own server instead. You can also add a Content-Security-Policy header to your website’s HTTP responses to add an extra layer of protection.
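As an added example (not code from the original post or from any vendor named on this page), here is how a defender can check what a given Content-Security-Policy would let a checkout page do before deploying it. The matcher handles the common source expressions ('self', 'none', scheme sources, host sources with a leading wildcard, nonces and hashes) and the fallback rule that matters most here: script-src and connect-src inherit default-src when they are absent, but form-action does not, so a policy with only default-src leaves form destinations unrestricted. The two policies, the page origin and the list of events are constructed for the demo; the nonce value is a placeholder that a real server generates fresh for every response.

```python
# Added example (not from the original post): evaluate what a Content-Security-Policy
# lets a checkout page do. Policies, origin and events are constructed for the demo;
# the matcher covers the common source expressions, not the full specification.
from urllib.parse import urlsplit

# Directives that inherit default-src when absent. form-action deliberately does not.
FALLS_BACK_TO_DEFAULT = {"script-src", "connect-src", "img-src", "style-src"}


def parse_csp(header):
    """Split "a b c; d e" into {"a": ["b", "c"], "d": ["e"]}."""
    policy = {}
    for directive in header.split(";"):
        tokens = directive.split()
        if tokens:
            policy[tokens[0].lower()] = tokens[1:]
    return policy


def _source_allows(expr, url, page_origin):
    """Does one source expression permit loading from / sending to this URL?"""
    low = expr.lower()
    parts = urlsplit(url)
    if low == "'none'":
        return False
    if low == "*":
        return True
    if low == "'self'":
        return (parts.scheme, parts.netloc) == page_origin
    if low.startswith("'"):                       # nonces, hashes, 'unsafe-inline' never match a URL
        return False
    if low.endswith(":") and "://" not in low:    # scheme-source such as https:
        return parts.scheme == low[:-1]
    scheme, _, rest = low.rpartition("://")
    if scheme and parts.scheme != scheme:
        return False
    host = rest.split("/", 1)[0].split(":", 1)[0]  # path and port matching omitted (simplification)
    if host.startswith("*."):
        return parts.hostname is not None and parts.hostname.endswith(host[1:])
    return parts.hostname == host


def sources_for(policy, directive):
    """Effective source list for a directive, or None when nothing restricts it."""
    if directive in policy:
        return policy[directive]
    if directive in FALLS_BACK_TO_DEFAULT:
        return policy.get("default-src")
    return None


def allows_url(policy, directive, url, page_origin):
    sources = sources_for(policy, directive)
    if sources is None:
        return True
    return any(_source_allows(s, url, page_origin) for s in sources)


def allows_inline_script(policy, has_valid_nonce=False):
    """Inline scripts need 'unsafe-inline', or a nonce/hash once either is present."""
    low = [s.lower() for s in (sources_for(policy, "script-src") or [])]
    if any(s.startswith(("'nonce-", "'sha256-", "'sha384-", "'sha512-")) for s in low):
        return has_valid_nonce                     # nonce/hash present: 'unsafe-inline' is ignored
    return "'unsafe-inline'" in low


# ---- constructed demo data (hypothetical shop, not a real site) ----
PAGE_ORIGIN = ("https", "shop.example")

# Things a tampered checkout page might try; which of them would the browser refuse?
EVENTS = [
    ("own checkout script", "script-src", "https://cdn.shop.example/checkout.js"),
    ("unknown third-party script", "script-src", "https://collector.example.invalid/s.js"),
    ("inline script without nonce", "inline", None),
    ("fetch/beacon to unknown host", "connect-src", "https://collector.example.invalid/c"),
    ("form destination changed", "form-action", "https://collector.example.invalid/submit"),
]

WEAK_CSP = "default-src 'self' https: 'unsafe-inline'"
HARDENED_CSP = (
    "default-src 'none'; "
    "script-src 'self' https://cdn.shop.example 'nonce-PLACEHOLDER'; "   # nonce is per-response
    "connect-src 'self' https://api.shop.example; "
    "form-action 'self' https://pay.shop.example; "
    "img-src 'self'; style-src 'self'; frame-ancestors 'none'; "
    "report-uri /csp-reports"
)


def evaluate(header, events=EVENTS, page_origin=PAGE_ORIGIN):
    """Return {event label: True if the policy allows it}."""
    policy = parse_csp(header)
    result = {}
    for label, directive, url in events:
        if directive == "inline":
            result[label] = allows_inline_script(policy)
        else:
            result[label] = allows_url(policy, directive, url, page_origin)
    return result


if __name__ == "__main__":
    for name, header in (("weak", WEAK_CSP), ("hardened", HARDENED_CSP)):
        for label, allowed in evaluate(header).items():
            print(f"{name:8} {'ALLOWS' if allowed else 'blocks':6} {label}")
```

The weak policy permits every event, including the modified form destination, because form-action was never set and `https:` matches any HTTPS host; the hardened policy permits only the site's own checkout script. Real browsers implement more than this (ports, paths, 'strict-dynamic', the Reporting API), so treat the script as a review aid and confirm the final policy with the browser console and the violation reports that `report-uri` delivers.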
For consumers: avoid entering personal data when you can. There are also services that generate single-use, encrypted credit card numbers. Verify the domain in the URL, and consider browser plugins that block untrusted sites.
Talk to your developers about the risks of a Magecart attack and how you can work together to prevent it. Virid can offer additional support for your site as well; request a consultation today to learn more about how we can help!