Formjacking: a New and Lucrative Type of Cybercrime

Blog Image -formjacking

There’s a new type of cybercrime to be on the lookout for, according to the digital security experts at Symantec. They’re calling it “formjacking,” and this relatively simple concept is turning out to be a big moneymaker for hackers and fraudsters. In fact, Symantec calls it one of the fastest-growing and most lucrative forms of cybercrime to emerge in recent memory.

As the name implies, formjacking is the practice of “hijacking” a web form by inserting code that records and transmits the entries back to the offender.

Part of formjacking’s allure to cybercriminals is lower risk and effort compared to other approaches. Ransomware, for example, requires interaction between the fraudster and their victim, and hardware-based credit card skimmers must be physically connected to an ATMs or gas pump. Formjacking code, on the other hand, can be implanted through vulnerabilities in third-party applications like the ones ecommerce sites might use for live chat or visitor surveys.

Symantec says that nearly 5,000 websites are compromised by formjacking each month. While small and medium-sized ecommerce businesses are the most likely victims, both the Ticketmaster and British Airways websites have been the target of formjacking attacks in the past few months.

Over 380,000 credit card numbers were stolen in the British Airways incident. And with a stolen credit card number fetching up to $45 on the dark web, this one attack may have netted up to $17 million for the criminals responsible.

According to Symantec, the best way to identify and eliminate formjacking is for website administrators to regularly scan for entries made by unauthorized users, as well as outbound traffic to unknown and/or suspicious destinations.