Have you heard of formjacking? I’m going to go out on a limb here and say probably not. Formjacking is probably the biggest type of credit card cybertheft you’ve never heard of. It’s a relatively new form of digital information theft caused by hacker attacks on commercial websites involved in e-commerce and other activities that collect customers’ personal information.
Formjacking is still pretty new, having just come to light in 2018. The attacks take place by inserting malicious code into e-commerce or other website. The code is then responsible for stealing or capturing payment information such as credit card details, names, and other personal information. Sometimes the information is obtained by the hackers as soon as you enter it in the fields of the web page instead of capturing it at the time of sending it for further processing. The data is submitted to the correct end-user, but it’s also transmitted to the data thieves as well. You’ll never even know that your data has been transferred to hackers because the transaction you are making is completed as expected.
According to the Symantec Internet Security Threat Report 2019, formjacking attacks hit 4,818 unique websites every month in 2018. The last two months of 2018 saw over a million formjacking attempts. The data from a single credit card is being sold for up to $45 in underground markets on the Deep web.
There are no telltale signs to determine if a site is infected with formjacking code. Your best strategy—unless you’re prepared to stop shopping online altogether—is to stay vigilant and watch for signs your data has been compromised.
What can you do to protect yourself and your credit card information?
- Examine your credit card statements carefully each month for transactions you don’t recognize and alert your creditor immediately if you see any suspicious activity.
- Keep an eye out for unexpected drops in your credit scores, which can be a sign of fraudulent activity, including unauthorized use of your credit card accounts and bogus credit applications made in your name.
- Consider using a credit monitoring service that can proactively alert you about activity on your credit accounts before you even notice them yourself.
- Don’t use a non-secure URL (without https://) to shop online.
Browse safely and stay vigilant! If you ever have any questions about your Litchfield Bancorp accounts and suspicious activity, please don’t hesitate to contact us.
Stephen Yonych Jr.
Assistant Vice President, Watertown Manager