Safeguarding against E-skimming – The silent troublemaker in online payments

By Subham Paul


True to the idea of evolution, bad actors on the web have come up with yet another channel to get their work done. This new threat has drawn attention after affecting global retailers such as Puma, Macy’s, Target and British Airways and helping hackers steal millions of credit card numbers over the past 2 years. Termed E-skimming, it is one of the latest threats to the cyber community, especially when it comes to making online payments. This article throws some light on it and on the ways an average internet user can safeguard himself/herself.

What is E-skimming all about?

Similar to its offline counterpart (skimming of credit cards at POS terminals), E-skimming, also called Formjacking, is a mechanism by which a hacker inserts malicious JavaScript code into the retailer’s website. This code copies the information the user enters and passes it on to the hacker. The information can be very sensitive and is highly likely to include critical financial data such as credit/debit card details. It is then either used by the hacker directly or sold on the dark web.
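Because the skimmer arrives as a script on the retailer's page, the merchant side can watch for it by auditing which scripts the checkout page loads. The following is an added example, not code from this article: the function name, the allowlist and the sample HTML are constructed assumptions, and inline scripts are outside its scope.

```javascript
// Constructed sample: checkout HTML as a merchant's monitoring job might fetch it.
const SAMPLE_CHECKOUT_HTML = `
<html><head>
<script src="https://shop.example/static/checkout.js" integrity="sha384-CONSTRUCTED"></script>
<script src="https://cdn.payments.example/sdk.js"></script>
<script src="https://stats-collector.example/a.js"></script>
<script src="/static/cart.js"></script>
<script>var cartId = 42;</script>
</head><body><form id="pay"></form></body></html>`;

// Hypothetical allowlist: hosts the merchant expects to serve checkout scripts.
const ALLOWED_HOSTS = new Set(['shop.example', 'cdn.payments.example']);

// Returns one finding per external script that deserves a closer look.
function auditScripts(html, pageUrl, allowedHosts) {
  const findings = [];
  const pageHost = new URL(pageUrl).hostname;
  const tagRe = /<script\b([^>]*)>/gi;
  let match;
  while ((match = tagRe.exec(html)) !== null) {
    const attrs = match[1];
    const src = /\bsrc\s*=\s*["']([^"']+)["']/i.exec(attrs);
    if (!src) continue; // inline script: compare against a known-good copy separately
    const url = new URL(src[1], pageUrl); // resolves relative paths against the page
    const hasIntegrity = /\bintegrity\s*=/i.test(attrs);
    if (!allowedHosts.has(url.hostname)) {
      // A script from a host nobody approved is the classic sign of injection.
      findings.push({ url: url.href, issue: 'unexpected-host' });
    } else if (url.hostname !== pageHost && !hasIntegrity) {
      // Approved third party, but without Subresource Integrity the browser
      // will run whatever that host serves, including a tampered file.
      findings.push({ url: url.href, issue: 'third-party-without-integrity' });
    }
  }
  return findings;
}

const report = auditScripts(SAMPLE_CHECKOUT_HTML, 'https://shop.example/checkout', ALLOWED_HOSTS);
for (const f of report) console.log(`${f.issue}: ${f.url}`);
```

Run on a schedule against the live checkout page, a new `unexpected-host` finding is a signal to investigate before customers enter card details.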

Ways to safeguard yourself against E-skimming

  • Avoid providing sensitive information such as date of birth, bank account details, social security number, etc. at places where it is not required.
  • Avoid making payments on websites that do not use HTTPS.
  • Use reliable payment platforms such as PayPal and Google Pay which fully encrypt credit card information.
  • Disable scripts in your web browser while using a webpage where you need to enter credit card information.
  • Try to use browsers that put additional focus on security and privacy. Brave is one such browser.
  • Try to adopt virtual credit cards for online payments to specific merchants and for specific transactions. This is a safer alternative to using debit cards.
  • Watch out for customer reviews suggesting that the website is prone to E-skimming. If you find any such review, make sure you avoid making online payments on that platform until it is officially confirmed to be safe.
  • Keep a periodic check on your bank statements and credit score so that any suspicious activity is detected early.
  • Record the reference/acknowledgment numbers from order confirmation, payment completion and similar stages for a smoother recovery procedure.
  • In case of any suspicious activity, contact your credit card provider at the earliest.

The above measures can significantly reduce the risk of your joining the already huge list of innocent victims. Stay tuned to our blog for more reads on relevant cybersecurity topics and emerging threats.

About the author

Subham Paul

Subham is a technology enthusiast with keen interests in cybersecurity, automation, data analytics, and information systems. A Computer Science engineer and a former web developer, he is currently pursuing his MBA at IIT Kharagpur. His other interests lie in writing and singing.

2 Comments so far

Neha Bhise, posted on 6:49 pm - Feb 15, 2020

Thank you Subham for such an insightful article.
