E-commerce has become very widespread among users. Buying online is as simple as picking up our mobile or computer, entering one of the many online stores that we have at our disposal, choosing the product and paying comfortably with our card. But of course, this can also pose security risks if we do not take precautions or if we access a compromised site. Now hackers are using CSS files to steal bank cards when shopping online.
Web skimmer hidden in CSS files to steal cards
Stealing cards and bank details is a highly sought after practice by cybercriminals. They can use very different methods to do this. They make use of banking Trojans, keyloggers to steal passwords, Phishing attacks … And now they also use Web Skimmer hidden in CSS files.
Until now we have seen web skimmers hidden in favicons, site logos, pop-ups or even in the buttons to share on social networks. However, never before has this type of threat been detected hidden in CSS files on websites.
They use these files to hide malicious code in order to steal bank cards when users make a purchase. This is also known as Magecart scripts.
CSS files are style sheets that are used to display a website in one way or another. For example, the way the menu appears or whatever element is on that page. These files usually have code to describe the color of a particular element, the size of the text, the font settings, etc. In this way the browser can mirror it so that it appears like this.
It can also be used to create animations on a page. Site administrators can use code to add different features and also load and run JavaScript code.
What hackers are doing this time around is sneaking malicious code into CSS files to steal bank card details. This occurs when a user is going to complete a payment on the network through that page.
Most Skimmers are invisible and that’s what experts say is the most dangerous. They are hidden in such a way that they go completely unnoticed.
How To Avoid Being A Victim Of Web Skimmers Attacks
Keep in mind that we can use methods to buy more safely online . The first thing is to always keep common sense in mind. We must not make mistakes that could provoke an attack of this type. For example, we must always make purchases for reliable pages, which inspire confidence.
A good idea in the case of web skimmers and prevent them from stealing our card and, ultimately, stealing money from us is to use virtual cards . In this way we can buy insurance on the Internet and in the event that the data of that virtual card is stolen, they will not be able to use it as it is a card that expires once we have made a purchase or is empty if we only recharge it to buy.
Therefore, we can say that we have both the option of using a virtual card for a single payment and also another that is rechargeable and where we are only going to put the amount of money we need for that purchase.
Additionally, as general advice we must mention the importance of having security tools to protect our equipment, as well as always having updated systems and correcting possible vulnerabilities. We leave you a tutorial to buy safely online.