Cybercriminals now 'formjack' to steal card details: Symantec

With returns from ransomware and cryptojacking diminishing, cybercriminals are now turning to alternative methods like formjacking to make money, as per the latest Symantec Internet Security Threat Report (ISTR).

Formjacking refers to cyber criminals injecting malicious codes into a retailer's website to steal card details of shoppers.

The report said on average, more than 4,800 unique websites are compromised with formjacking code every month globally.

"Symantec blocked more than 3.7 million formjacking attacks on endpoints in 2018, with nearly a third of all detections occurring during the busiest online shopping period of the year - November and December," Symantec Cyber Security Services (India) Director Ajathashatru Varma told reporters here.

 

He added that while a number of well-known retailers' online payment websites, including Ticketmaster and British Airways, were compromised with formjacking code in recent months, Symantec's research found that the small and medium-size retailers are, by in large, the most widely compromised.

Symantec's conservative estimates suggest that cyber criminals may have collected tens of millions of dollars last year, stealing consumers' financial and personal information through credit card fraud and sales on the dark web. It estimates that a single credit card fetches up to USD 45 in the underground selling forums.

Also, year 2018 saw drop-offs in activity and diminishing returns for ransomware and cryptojacking attacks. This was primarily due to declining cryptocurrency values and increasing adoption of cloud and mobile computing, rendering attacks less effective.

Ransomware infections declined by 20 per cent, while cryptojacking activity declined by 52 per cent throughout the course of 2018.

India ranks fourth globally, and second in the Asia Pacific and Japan region in terms of cryptomining activities. Similarly, India ranks second both globally and in APJ in terms of ransomware activities.