Around 4,800 websites hit by formjacking each month, Symantec study claims

Around 4,800 unique websites are compromised by formjacking code each month, a report from cybersecurity giant Symantec states.

The 24th volume of the Internet Security Threat Report (ISTR) is an overview of the threat landscape, including global threat activity, cybercriminal trends, and motivations for attackers. The analysis draws on Symantec’s Global Intelligence network, which records events from 123 million global attack sensors, blocks 142 million daily threats and monitors activities in over 157 countries.

The report found that formjacking, in which a cyber criminal injects malicious code into retailers’ websites to steal consumers’ payment card details, has become very popular. It claims that on average 4,800 unique websites are compromised through this attack each month. Symantec helped to block over 3.7 million of these threats last year, almost a third of them in November and December alone.

Through this method, cyber criminals are believed to have collected up to tens of millions of dollars last year. Gaining access to just 10 stolen credit cards could yield up to $2.2m each month, with a single card selling for $45 in online black markets, Symantec claimed. In the British Airways attack, in which over 380,000 credit cards were stolen, criminals could net over $17m.

Symantec CEO Greg Clark said, “Formjacking represents a serious threat for both businesses and consumers.

“Consumers have no way to know if they are visiting an infected online retailer without using a comprehensive security solution, leaving their valuable personal and financial information vulnerable to potentially devastating identity theft. For enterprises, the skyrocketing increase in formjacking reflects the growing risk of supply chain attacks, not to mention the reputational and liability risks businesses face when compromised.”

The ISTR also found that, for the first time since 2013, ransomware attacks declined, falling by 20 per cent from 2017 levels. Symantec put the fall of cryptojacking and ransomware down to the adoption of cloud and mobile computing; however, this does not mean the threat has gone away, with attacks on enterprises increasing by 12 per cent in 2018.

Cryptojacking declined by 52 per cent during 2018, due to reduced appetite for digital tokens. Although it is less common, it remains a popular attack because it has low barriers to entry and minimal overhead.

While moving to the cloud offers some greater protection, poorly configured cloud environments led to 70 million records being stolen or leaked.

The report shows that supply chain and living off the land (LotL) attacks have become popular among cyber criminals, with the number of incidents increasing by 78 per cent on 2018.

These types of attacks enable attackers to keep a low profile, and it takes advanced methods such as analytics and machine learning to detect them.

Copyright © 2019 FinTech Global
