Formjacking attack: Are we safe?
| Published date | 21 October 2020 |
| Pages | 607-612 |
| DOI | https://doi.org/10.1108/JFC-07-2020-0138 |
| Date | 21 October 2020 |
| Subject Matter | Accounting & finance,Financial risk/company failure,Financial crime |
| Author | Vijaya Geeta Dharmavaram |
Formjacking attack: Are we safe?
Vijaya Geeta Dharmavaram
Department of Operations, GITAM Institute of Management,
Visakhapatnam, India
Abstract
Purpose –Today, online shopping and online businesshas become a new norm especially in the current
pandemicscenario. With more businesses running online,cyber criminals are coming up with differenttactics
to steal identity and sensitive information such as credit card and banking credentials either for personal
monetary gain or to sell in the dark Web. One form of such attack that is seen in the recent times is
formjacking attack. This paper aims to review the current scenario of formjacking attack and its modus
operandi. The paper also provides certain counter measures that can be adopted by the users and website
owners.
Design/methodology/approach –The paper mainly focuses on the modus operandi of formjacking
attack to understandthe severity of the problem. Based on the way the attack is carriedout, some guidelines
to be followed are provided. Later,a brief review of machine learningtechniques is furnished to understand
how it may helpas secure defense mechanism.
Findings –Formjacking attacks are on a rise in the past two years, especiallyduring the holiday season.
Cyber criminals have been using smart tacticsto carry out these attacks which are very difficult to detect.
Machinelearning techniques may prove to be effective in combatingthese attacks.
Originality/value –Formjackingattack is not just a concern of the customers who may lose their sensitive
data, but the onusalso lies on the companies itself to ensure they protecttheir customer’s data from theft. Not
much research is found regarding formjacking attack, as it is relatively a new form of attack. The paper
reviews this attack and providessome measure that can be followed. It also provides few guidelineswhich
can be usedfor further research in devising a securitytool to mitigate this problem.
Keywords Formjacking attack, Supply chain attack, Ecommerce security, E-Skimming attack,
Identity theft, Security measures
Paper type General review
Introduction
Your best friend’s birthday is coming up and thereis no time to buy a gift from the shop. No
problem, there are so many shops to buy online. You select the perfect gift and click the check
out button to pay for the order. You fill the necessary details with your credentials and card
details and the order is placed. You are happy that you found the perfect gift for your friend
and you will receive the ordered gift but are you sure that your information which you have
entered is safe andnot stolen by an unseen attacker.
The opening vignette is to show the risks one can face while sharing sensitive
information in the internet thanks to a new attack that is emerging in the recent times
known as “Formjacking”. Formjacking is similar to virtual automated teller machine
skimming attack, where a maliciouscode is injected by cyber criminals in a website to steal
the card details from the gulliblecustomers (Krishna et al.,2019).
Getting our work done throughonline has become a new norm in the present time. From
shopping to gaming, from official meeting to casual chatting, we live in an online world. In
recent times of COVID-19 situation, where most of the people are staying at home, remote
working and online communication is the lifestyle whicheveryone has to adopt and adapt.
According to the internetworldstats.com[1], China, India, USA, Indonesia and Brazil are the
Formjacking
attack
607
Journalof Financial Crime
Vol.28 No. 2, 2021
pp. 607-612
© Emerald Publishing Limited
1359-0790
DOI 10.1108/JFC-07-2020-0138
The current issue and full text archive of this journal is available on Emerald Insight at:
https://www.emerald.com/insight/1359-0790.htm
To continue reading
Request your trial