Holiday Shopping Season Leads to a Surge in Bank Card Skimming

An increase in online shopping, particularly during the holiday season or mega-sale events like Black Friday and Cyber Monday results in an uptick in credit card skimming.

Anti-malware solutions company, Malwarebytes, warned customers about the occurrence of data theft through malvertising and phishing websites. ‘’Online stores are not always as secure as you might think they are […]. When a merchant website is hacked, any purchase made has the potential of being intercepted by bad actors.’’

Malwarebytes has been following one particular skimming campaign, dubbed Kritec, that witnessed a dramatic surge in October after slowing down in summer.

First discovered by security vendor Akamai in March 2023, the campaign’s deployment is different from other Magecart skimmer campaigns. It injects a malicious JavaScript code into legitimate websites, especially ones built on Magento e-commerce platforms. Hidden within or around the Google Tag Manager script, this heavily obfuscated campaign code easily bypasses detection by security solutions, and exfiltrates stolen data to a threat actor controlled remote server (C2).

Malwarebytes noticed this campaign due to the large number of domain names attributed to it. ‘’The threat actors were also taking the time to customize their skimmer for each victim site with very convincing templates that were even localized in several languages,’’ the researchers revealed.

In addition, the company said that the tactic and technique of the campaign made it near impossible for online users to ‘’realize that their credit card information had just been stolen’’.

The infrastructure for this campaign is located on the IT WEB LTD network (ASN200313), registered in the British Virgin Islands.

Visa, the leading digital and mobile payment network, also warned shoppers, in particular online users, to be careful while shopping online. By following safer shopping practices like avoiding clicking on sponsored ad links, checking copyright information on merchant sites, and setting up multi-factor authentication for payment methods, one can avoid being victims of such scams.