Web Skimming: Rising Security Concern and Hacker Threat, Tips to Prevent It
Hikvision on Hacks, Malware, Juice Jacking and Protecting Yourself Online
Web skimming, also called e-skimming, is a rising security concern and threat from hackers that is covered in the SecurityInfoWatch.com article, “The biggest threat this holiday season isn’t coal in your stocking—it’s web skimming.” The article also outlines ways to protect your data and keep it safe.
Web skimming is a form of Internet and card payment fraud that uses malware and phishing tactics, often on a third-party host of popular JavaScript code, as a way to breach websites and steal payment information.
From the article: “Third-party script repositories can make for easy targets as they don’t always undergo stringent internal security vetting, but the scripts they host still run in the browser alongside all other website code with the same level of access. Unless a security team puts strict policies in place, any scripts—both that created in-house or those created or hosted by a third party—can access any data within the webpage, including information customers enter forms or stored in cookies. When hackers can compromise a script, they are able to copy the user’s information entered forms and send it to another location where it is then used in other types of attacks or resold on the dark web.”
The article offers the following tips to keep your data safe:
- Make the websites you visit regularly more transparent using free Chrome plugins. “The plugin makes it easy for you to see if a website you visit has third parties currently accessing your private information, whether from form fields or stored in the site’s cookies. The plugin specifically shows you what pieces of information are accessible (such as your username, password, or credit card number) and which third parties are accessing them,” said the article.
- Use secure online vendors and do not purchase items from websites that are sharing your payment details with third-parties.
- Use a complex and unique password for every login.
Poor password habits make consumers more vulnerable to hacks. “Research shows 66 percent of people reuse the same password for multiple accounts, and 83 percent rely on short, weak passwords,” from the article.
Click here to read more.
Hikvision on Hacks, Malware, Juice Jacking and Protecting Yourself Online
Hikvision recently posted a list of common cyber threats and links to articles that offer tips to avoid hacks and other security concerns in this blog: “NRF Releases Shopping Statistics, Hikvision Cyber Tips to Avoid Security Concerns While Shopping In-Store and Online.” Below are insights from the article:
- Juice-Jacking: Avoid juice-jacking while in malls or airports by avoiding the use of public USB charging stations. Juice-jacking happens when someone connects their mobile device to a USB charging station that charges the device, but has also been modified to copy data from the mobile device, like photos and text messages, or infect the device with malware. Read more about what it is and how to prevent it at this link.
- Phishing: Phishing attacks have long been an effective way for attackers to trick people into divulging sensitive information or infecting a system with malware. Malware can give an attacker remote access to protected systems and networks, encrypt a user’s data and charge a ransom to decrypt the data, or use that system as part of an attack against other systems. Learn to identify common phishing attacks in this blog.
- Spear Phishing: Spear phishing is a special kind of phishing attack that targets a specific person or organization. Spear phishing emails typically have information about the victim in the email that makes the email seem credible. Click here to read more from our cybersecurity director about this type of phishing, and how to avoid it.
- Protect Yourself Online: Using complex passwords and not reusing passwords across multiple sites or logins will help you stay safe online. The most important aspect of a passphrase is that they should be long—at least 12 characters. Read this blog that outlines more insights to stay safe with good passwords, web browser security and firewall security.