Table of Contents

    Web Skimmers And Favicons - One Of The Latest Security Concerns in 2020

    Web Skimmers And Favicons

    Malware authors pose a constant threat to the online environment. As technology advances, the amount of new malware is also increasing substantially. 

    Although web skimming attacks have been around for more than four years, researchers have detected one of the most innovative and complex hacking campaigns to date wherein hackers create fake favicons for websites and steal financial details from customers.

    What Is E-Skimming?

    E-skimming is an online hacking fraud which introduces a skimming code on eCommerce payment portals. This code captures personally identifiable information (PII) and credit card data which are stolen from a domain under the hacker's control. 

    These types of attacks have become a major issue for users, companies, and governments. While they’ve been occurring since 2016, these attacks have been increasingly worse over the last few years. 

    The pattern of e-skimming is as follows:

    • Hackers take over third-party payment processing services for online stores and inject malicious code into websites using them
    • User card details are stolen when consumers purchase on an infected website with the help of edited JavaScript
    • Collected credit card details can be sold or used to make deceptive purchases

    Initially, open eCommerce websites were the most impacted web properties but these days, many prominent online stores are also prone to attacks. Hackers can break into the websites directly or into a common server. The fact that users can’t do much to prevent these attacks makes it even worse.

    This has affected eCommerce companies across many industries including travel, entertainment, and retail, among others. The evolving tactics and ever-diversifying codes of hackers are a major threat to the eCommerce space at large. They also target third-party vendors, which provide online analytics and advertisements in addition to customer payment information.

    Fake Favicons - The New Trick In Town

    Favicons are small shortcut icons associated with a particular website. Fake favicons are the latest trick used by hackers to hide their web-skimming operations. A large number of spamming sites have been detected due to this very practice. It’s considered one of the most innovative and complex hacking campaigns ever detected to date. Hackers break into websites and hide the nefarious code, which steals payment card details.

    Based on a US-based cybersecurity firm report, one of the hacker groups took its operation to a whole new level with these tricks. The group was discovered while authorities were investigating a set of strange hacks. Logo images in the browser tabs were the only elements modified on the hacked sites. There was clearly something strange, but the change looked innocent given the new favicon was a legitimate image. 

    The scheme, according to the cybersecurity firm, was that the website served a legitimate favicon file, except for a page with checkout forms. Efforts to build a fake icon hosting portal weren’t previously expected in any e-skimming operations. The group behind this operation went to great lengths to hide its malicious code. However, card-skimming rarely goes unnoticed.

    How To Avoid This Threat

    The e-skimming threat is mainly targeted towards small and medium-sized businesses, government agencies, and companies offering online payments. Fortunately, there are several preventive measures that webmasters and administrators can take to prevent these infiltrations:

    • Avoid clicking on anonymous emails as they’re easily circulated and may automatically download the attachments 
    • One of the easiest targets for attackers is network infrastructure devices. Therefore, segregate and segment networks
    • Keep your software updated. Ensure you update software as soon as patches or updates are available. This helps protect your phone, computer, or any digital device from attackers
    • Even when hackers obtain your information, they may not be able to access it when multiple-factor authentication (MFA) defends it. MFA simultaneously uses multiple personal pieces of information to verify your identity
    • Keep your passwords strong on all devices. Change your default credentials with unique passwords
    • End-users can use the one-time payment card number for each transaction. Transactions can be done via “virtual cards”

    Still, there’s no single solution available for defending against e-skimming attacks and they remain a serious threat to online payments. Accordingly, blocking hackers long before they access sites is the best defensive measure.

    Bottom Line

    In the digital era, the vulnerability of personal data remains high. Luckily, threats and attacks can be avoided with the right precautions. Companies must be aware of these e-skimming threats by taking active measures like constantly monitoring servers and implementing system updates to avoid falling prey to these nefarious practices. 

    If you’ve fallen victim to e-skimming, save a copy of the malicious script by discovering the source and contact law enforcement for immediate help. To ensure better online security and privacy, be sure to stay on top of these developments while appreciating the very real dangers of e-skimming and fake favicons.