
Skimming is not a new word to the cybersecurity industry. Earlier, skimming referred to stealing payment data from ATMs by attaching a physical ‘skimmer’ to ATMs. Now, with the evolving payment landscape, skimming has also been evolving into online skimming and targeting e-commerce sites.
Online skimming is an adverse activity of stealing payment information from e-commerce websites by infecting specific sites with sniffers/ Java Script sniffers. Once the malware is injected, it is very hard to detect the traces of it on the website. JS skimmers work as independent teams, develop their malicious JS skimming code, and sell it to the highest bidder in the dark web.
Earlier, in April 2019, Visa Payment Fraud Disruption’s (PFD) e-commerce Threat Disruption (eTD) found 8 e-commerce websites infected with JavaScript skimmers/sniffers. After detecting initial skimming attacks eTD found a shocking number of 17000 e-commerce websites infected with JS skimmers.
The cyberattack after infecting 17000 websites, evolved into an even more sophisticated data-stealing activity. Again, in September 2019, eTD found a new JS skimmer with many novel features.
The advisory details out how ‘pipka’ the new JavaScript skimmer has evolved to perform data breach menace. Then the advisory suggests the steps that must be taken by e-commerce merchants and services providers to prevent pipka or any other JavaScript skimmer from intruding and stealing customers’ payment data.
Get your copy now!
SISA is a Leader in Cybersecurity Solutions for the Digital Payment Industry. As a Global Payment Forensic Investigator of the PCI Security Standards Council, we leverage forensics insights into preventive, detective, and corrective security solutions, protecting 1,000+ organizations across 40+ countries from evolving cyberthreats.
Our suite of solutions from AI-driven compliance, advanced security testing, agentic detection/ response and learner focused-training has been honored with prestigious awards, including from Financial Express, DSCI-NASSCOM and The Economic Times.
With commitment to innovation, and pioneering advancements in Quantum Security, Hardware Security, and Cybersecurity for AI, SISA is shaping the future of cybersecurity through cutting-edge forensics research.