FBI issues warning to SMBs about e-skimming attacks
- The FBI has issued a warning specifically to the small and medium-sized businesses and government agencies that take credit card payments online.
- The FBI has also provided recommendations and mitigations for the businesses to defend against e-skimming attacks.
What’s the matter?
The US Federal Bureau of Investigation (FBI) has issued a warning for SMBs and government agencies about e-skimming attacks, also known as web-skimming or Magecart attacks.
A brief overview
The FBI has issued a warning to specifically the small and medium-sized businesses and government agencies that take credit card payments online.
E-skimming occurs when cybercriminals inject malicious code onto a website’s point of sale (POS) system in the form of payment card skimmer scripts, in an aim to steal customers’ payment card information.
- Attackers typically gain access to the target company’s server either via a phishing attack against employees or through a vulnerable third-party vendor.
- Once the attacker gains access to the target server, he can load the malicious code and can capture the credit card data entered by the customers.
- The stolen data is then sold on the underground forum or used by the attacker to make fraudulent purchases himself.
The FBI has also provided recommendations and mitigations for the businesses to defend against e-skimming attacks, which include
- The FBI recommends businesses to update and patch all systems with the latest security software and ensure that anti-virus software is up-to-date and firewalls are strong.
- It is always recommended to reset default login credentials with complex credentials on all systems.
- Organizations are recommended to educate their employees about safe cyber practices and train them on how to identify phishing emails. It is best to never click on links or unexpected attachments in messages that are from anonymous senders.
- Furthermore, the FBI recommends segregating and segmenting network systems to curtail how easily cybercriminals can move from one to another.