The Skimming Threat

Learn everything you need to know about Magecart and other skimming attacks

Read our whitepaper to learn:

What is digital skimming (e-skimming)?

“Skimming malware comes in a variety of flavors that are commonly referred to as skimmers, sniffers, or JavaScript sniffers, all of which are very difficult to detect.”

Who is at risk?

Low Risk

Manufacturing

Energy

Distribution & Transportation

Consulting & Legal Services

Medium Risk

Real Estate

Technology & Cybersecurity

Distribution & Transportation

Education

Entertainment

High Risk

Financial Services & Banking

Insurance

Healthcare & Medical

eCommerce & Retail

Travel & Hospitality

Communication, Social Media & Content Producers

Cryptocurrency Exchanges & Blockchain

How do skimming attacks work?

Examples of third-party applications targeted by attackers include:

  • Live chatbots;
  • Customer service functions;
  • Advertising scripts;
  • Marketing forms;
  • Marketing tags;
  • Open source code libraries; and
  • Various other elements loaded by the user’s browser.

In a JavaScript injection attack, the attacker gets their own script to execute in the visitor's browser within the context of the target page, typically by compromising one of the third-party scripts the page loads or by exploiting a flaw that lets them alter website or web application parameters. Because injected code runs with the same privileges as the site's own scripts, the threat actor can manipulate the page and read sensitive data as it is entered, such as PII or payment card information.

How do I detect skimming attacks?

Review code and security control configurations to identify potential vulnerabilities and misconfigurations.

Perform security and vulnerability assessments of all scripts and code elements that your websites or web applications load into the browser.

Test web applications for vulnerabilities using assessment tools.

Protect your website by using security control-integrity monitoring, file-integrity monitoring, and change-detection automation systems.

How do I prevent skimming attacks?

Harden and tamper-proof the client-side of your web applications.

Grant data access only to those websites and web applications which absolutely require access to that data.

Restrict unsanctioned scripts and JavaScript libraries from reading sensitive data, so that any unauthorized access is contained in the browser before data leaves the page.

Continuously analyze all scripts from the client-side to detect unauthorized activities.

Deploy vulnerability and malware monitoring technologies and processes on the client-side of your web applications.

Implement client-side intrusion prevention policies and procedures to block browser-level intrusions at run time.