Bank card theft when making a purchase online is something that can happen. Hackers use multiple methods to steal this type of data and it is wise to take action. Now, how simple is this? Microsoft warns of how easy it can be to steal banking data on the Internet and, moreover, hackers do not leave any type of trace.
Theft of bank details without leaving a trace
To steal bank details when making an online payment, hackers can use a variety of techniques. A clear example is Phishing, but also malware and Trojans. They can even create a fake application that pretends to be the bank and thus record the data. But now, a group of Microsoft security researchers have warned of more advanced techniques to hide the code when carrying out a theft of banking information.
What they do is hide code snippets , inject them into image files and disguise them as a legitimate application. This allows them to go unnoticed and the victim doesn’t really know that they are being robbed. The attackers take over the bank details without leaving a trace.
The fact that they hide malicious code so well makes it harder for security programs themselves to detect the threat . In addition, there is a greater chance that the victim will enter their bank details and inadvertently hand them over to a hacker.
This technique is known as skimming. What cybercriminals basically do is inject malicious JavaScript code into a website by exploiting a known vulnerability. This can happen on a WordPress site, for example. This code is activated once the victim reaches the payment process and enters the card details.
But the novelty of this technique, as indicated by Microsoft researchers, is that they manage to inject these scripts into images and fake them. That will make them hidden and they can achieve their goal.
Disguised as favicon
The malicious image files will be uploaded to the target server and will be disguised as a favicon, the small image that appears in the browser when we open a web page. In addition, the content includes a PHP script with a Base64-encoded JavaScript.
This script will be executed to identify the payment page and display a fake form for the victim to put their bank card details there. Additionally, you can also disguise that script as if it were a Facebook or Google Analytics pixel.
What can you do to be prepared for these threats? It is essential to have everything updated correctly and thus correct possible vulnerabilities that may appear. You should also have a good antivirus that helps detect threats that steal personal data, bank details or any type of information by sneaking malware.
But if there is something essential to be protected, it is common sense. You must always make sure to put personal data in secure, reliable sites that do not show doubts related to security and privacy. In addition, you can always protect the card when paying online.
