What is Formjacking?

A relatively new term "Formjacking" is used by the cyber security industry to describe the process by which a malicious script is injected to a web form with the objective of stealing data from the end user.

Animated WebForm

Although, formjacking is an old technique that remained somewhat unknown until recent times nevertheless most cyber users remain disconnected with the process. The lack of awareness among the public has prompted experienced cybercriminals to take advantage of the situation resorting to the use of formjacking.

What is the key objective of Formjacking?

Cybercriminals create malicious Javascript code with the purpose of interjecting the malware script in a trusted webpage which collects web form data. A core objective of formjacking is to steal credit card details and any other payment information when an end user completes an online financial transaction.

Three stages of Formjacking techniques:

First stage: An attacker interjects the malicious code within the targeted webpage.

Second stage: The end user(consumer) completes the web form with their personal information to finalise the financial transaction.

Third stage: A copy of the completed data is sent to the trusted merchant. In addition, the attacker's malicious script works to send a copy of the data to the cybercriminal.

Why do cybercriminals want to acquire Formjacking data? 

Cybercriminals use the acquired banking details to make further purchases online or the sensitive data is sold on the dark web. Additionally, the stolen data can be used to commit identity theft fraud.

How can an end-user detect if a website is affected by a Formjacking attack?

Unfortunately, at present there is no way for an end-user (the consumer) to detect whether a trusted website is affected by a formjacking attack. On the apparent the website will appear, behave and provide the usual services, however the data of a customer is stolen at the submission of a transaction.

For that reason, the usual signs of detecting a fraudulent website cannot be used, for instance verifying that you are on the actual merchant's website will not work. The trusted merchant's website will be compromised in a subtle form. Subsequently, formjacking is a preferred and successful implementation technique used by cybercriminals to evade website security.

TechDecoded has the following tips for safeguarding personal data and reducing the risk of financial loss:-

  • Remain vigilant for any data compromise by regularly checking bank statements for discrepancies.
  • Scrutinise credit score by checking your credit history regularly to ensure any unexpected drop in ratings is detected as soon as possible. Moreover, checking your credit history will enable the detection of any fraudulent transactions, for example identifying bogus accounts and any unauthorised use of credit cards.