When you are shopping online, are you completely alone? We hear that hackers have been able to infiltrate websites to obtain payment information all the time, but how do they do it?
All in the Code
Cybercriminals are always improving their craft by finding new ways to disguise their malicious code on websites. Back in the day, a chunk of gibberish text would need to get hidden, but now it’s planting a seed with a tiny bit of code on a website for the hack to begin.
“Traditionally, criminals use devices known as card skimmers—devices hidden within credit card readers on ATMs, fuel pumps, and other machines people pay for with credit cards every day—to steal credit card data for the criminal to later collect and either use themselves or sell to other parties,” Yonathan Klijnsma writes.
A great example is an online grocery store, asainfoodgrocer-dot-com, perfect for picking up some broccoli to go along with dinner or a pound cake for coffee in the morning. When you are ready to check out, embedded in the code of this site is a digital card skimming code “zoobashop-dot-com”.
Sites like publicwww.com help people search the internet for websites that run snippets of specific code so that they can avoid pages with malicious script on them.
Website spoofing is building a hoax website with the intention of misleading users to entering their personal information such as credentials or payment details. Hackers can create a malicious domain that looks similar to the original website to collect data on those they tricked.
A website, bargainjunkie-dot-com was spoofed to bargalnjunkie.com, using a lowercase l in place of the i. Since people are constantly clicking and going from one screen to the next, they probably wouldn’t even notice slight differences such as these — and hackers are counting on it.
How are you securing your digital life? Are you taking the proper precautions when entering a website? Before inserting your payment information? When you are checking on your bank accounts? As most of our sensitive data is online, you need to know how to properly guard your information. Prilock’s Security Awareness Training goes into depth on
what to do and the psychology behind the cybercriminal schemes. Some antiviruses will detect malicious script on web pages and block the user from entering such compromised sites, but it is best to learn what to avoid and how to navigate safely through the internet with our training course.
Original Article Found Here.