E-skimming
E-skimming, sometimes known as Magecart, is a relatively new phenomenon – but its premise is pretty old-hat.
Hackers develop malware designed specifically to infect ecommerce websites. They sit behind the checkout page and collect all the information that customers enter. That could be anything from credit card details to addresses, phone numbers, emails, and passwords.
This malware can be hard to detect, and will hang around for a long time. Last year, London-based clothing company Páramo was infected by e-skimming software, which stole the names, addresses, card numbers, and CVV codes for more than 3,500 customers in eight months.
Even more concerning is that Páramo employed Security Metrics, an approved security scanning vendor, to scan the site for problems. Páramo only discovered the problem after 18 customers reported to PayPal that they had been victims of fraud.
