E-skimming threatens business web commerce
With increasing amounts of commerce being conducted over the web, businesses have had to work hard to stay one step ahead of the crooks, with firewalls, passwords and similar protections in common use just about everywhere to protect web traffic.
But now, the authorities are warning about another online way for the bad guys to get at your money. It’s called e-skimming and because it impacts businesses that accept payments for goods and services on their websites, a great many businesses are potential targets.
According to the FBI, which is leading the fight against e-skimmers, here it is in a nutshell: E-skimming is the process of cyber criminals introducing skimming code on e-commerce payment card processing web pages to capture credit card and personally identifiable information such as your name, date of birth, account numbers, passwords, and location information.
Once the information has been stolen, it is sent to a domain under the control of the criminal where it’s off to the races, so to speak.
How can businesses minimize the risk?
≤ Perform regular updates to payment software.
≤ Install patches from payment platform vendors.
≤ Implement code integrity checks.
≤ Keep anti-virus software updated.
≤ Ensure you are PCI DSS compliant.
≤ Monitor and analyze web logs.
The message to businesses is simple: Be smart, pay attention because the criminals are.