FBI Issues E-Skimming Warning

Skim This Over

Recently the FBI issued a warning against e-skimming threats in response to the increase of attacks on small and medium-sized businesses, as well as against government agencies.  This relatively new form of attack occurs when malicious code is placed within a site that accepts payments.  The payments are rendered via credit or debit cards when entered into the portal and often go unnoticed – for years.

How Does It Happen?

Like so many breaches, it can originate with a phishing email that contains a link that captures login credentials.  Simple passwords and vulnerable websites are also easy targets.  And not to be overlooked, are third party vendors with access to the credentials of a company’s e-commerce platform.

How Are They Caught?

It often takes a while.  And it isn’t until multiple consumers report fraud and their habits are eventually linked to having a site in common.  Not that easy to do, and not that likely to happen.  So, these e-skims go undetected for years.

How Can You Protect Yourself?

As a consumer, be informed about the systems and sites that you use.  Are they updated with the latest plugins and patches?  If you aren’t sure, ask.

And if you are protecting your business, run code integrity checks regularly to review any changes to code on your e-commerce site.  Monitor and analyze weblogs for any changes as well.  Always make sure that your systems are updated.

It’s your job to look out for yourself – and your business.