With the introduction of restrictive measures in many countries, online purchases increased sharply and so did credit card withdrawals, which increased by 26% in March.

Crisis events such as the current COWID 19 pandemic often lead to changes in habits that attract the attention of cybercriminals. For example, the introduction of restrictive measures in many countries has dramatically increased the number of Internet purchases and thus the number of credit card withdrawals. According to our data, web photography in March increased by 26% compared to the previous month.

Although this does not seem to be a spectacular leap, the number of digital credit card records already increased before KOVID-19 and it is expected that this trend will continue in the near future.

Although many suppliers remain secure despite the increase in the number of transactions processed, the threat to e-commerce transactions is greater than ever.

Changing habits Lead to Extra Attempts to surf the web

Web browsing, also known by various terms but commonly known as Magecart, is the process of stealing customer information, including credit card information, from compromised online stores.

We actively monitor Internet users to protect our customers who use malicious bytes or Browser Guards when shopping online.

The statistics below exclude any telemetry from the Browser Guard extension and represent part of the entire photographic landscape of the web based on our own visibility. For example, server side images are not taken into account unless the trading site itself is identified as compromised and blacklisted.

One of the trends we observe is that the number of skimming blocks on Monday (the busiest day for online shopping), decreases in the second half of the week and reaches its lowest point on weekends.

Online credit card skimming increased by 26% in March-Malwarebytes Labs

The second observation is that the number of web processing blocks increased moderately from January to February (2.5%), but then started to increase from February to March (26%). Although growth is still subdued, we think this is a trend that will become more visible in the coming months.

Online credit card skimming increased by 26% in March-Malwarebytes Labs

The last graph shows that we have the highest number of dehydration attempts in the United States, followed by Australia and Canada. This trend coincides with the quarantine measures that started in mid-March.

Online credit card skimming increased by 26% in March-Malwarebytes Labs

Risk reduction: Shared responsibility

As we can see from other threats, there is no unambiguous answer to the question of how to curb web capture. In fact, it can be approached from different angles, starting with the online retailer, the security community and the shoppers themselves.

Many dealers do not keep their platforms up to date and do not respond to the disclosure of securities. Often the last way to report a violation is to publish it and hope that the media attention will bear fruit.

Many security vendors actively monitor Webskipper and add protective features to their products. This is the case with malicious bytes, and web security is available in both our desktop products and browser extensions. Sharing our data and trying to destroy the remediation infrastructure enables us to address the problem on a scale rather than on an individual basis (per facility).

Online shopping is convenient, but not without risk. Ultimately, it is the users who can make the right decisions and avoid many pitfalls. Here are a few recommendations:

  • Limit the number of manual entries of credit card data. Rely on platforms where this information is already stored in your account or use unique payment options.
  • Check whether the online shop is displayed correctly in your browser, that it does not contain any errors or some red flags indicating that it has been overlooked.
  • Do not accept trustmarks or other signs of confidence at first glance. The fact that the website displays a logo indicating that it is 100% safe does not mean that it is safe.
  • If you are unsure about the website, you can use some tools to check if it contains malware or is already blacklisted.
  • More advanced users may want to study the website’s source code, for example by using development tools that have the side-effect of turning off the skimmer when they notice that it is being checked.

We expect web-based photography activities to continue in the coming months as the online shopping habits developed during the pandemic continue to evolve. For more information, read the important tips for safe shopping according to the COVID-19 standard.