Security & Fraud

eSkimming Malware Attacks On The Rise

eSkimming Malware Attacks On The Rise

With the popularity of eCommerce, a cyberattack called eSkimming has become more of a frequent occurrence. Skimmers had long been a risk for consumers at the ATM or the gas pump, but the practice has become more advanced. Hackers can now steal data in a more lucrative way through an attack called Magecart, CNBC reported.

The first arrests for the crime were announced just this week, with Interpol saying it arrested three Indonesian individuals who reportedly breached hundreds of eCommerce shopping sites. The suspects are accused of swiping personal data like phone numbers, addresses and names, as well as payment information.

Firms of all sizes have been impacted by eSkimming attacks in the past two years, including the Australian Puma website in April, Macy’s in October and the U.K.’s Ticketmaster site in June 2018. One of American Outdoor Brands' websites was also impacted by an eSkimming attack during Thanksgiving. 

The FBI says it has been monitoring eSkimming for almost seven years. However, the crime is growing as scammers are becoming more advanced and sharing the malware through the web.

Herb Stapleton, section chief for the FBI’s cyber division, said per CNBC, “If you are a company that has a heavy volume of credit card numbers being inputted into your website, at that point, you’re probably at a higher risk. Now one thing about those types of companies is they often have more resources to invest in cybersecurity measures.”

But Stapleton also noted that “even some lower-traffic companies, some smaller and medium-sized businesses, are still at risk, because some of them may not have the resources to invest as heavily in their cybersecurity.”

In November, Macy’s announced that it experienced a data breach, as its site was compromised with a code that steals shoppers’ payment information. A malicious script was added to the My Wallet and Checkout pages.



The How We Shop Report, a PYMNTS collaboration with PayPal, aims to understand how consumers of all ages and incomes are shifting to shopping and paying online in the midst of the COVID-19 pandemic. Our research builds on a series of studies conducted since March, surveying more than 16,000 consumers on how their shopping habits and payments preferences are changing as the crisis continues. This report focuses on our latest survey of 2,163 respondents and examines how their increased appetite for online commerce and digital touchless methods, such as QR codes, contactless cards and digital wallets, is poised to shape the post-pandemic economy.