Formjacking attack: Are we safe?

Published date21 October 2020
Date21 October 2020
Subject MatterAccounting & finance,Financial risk/company failure,Financial crime
AuthorVijaya Geeta Dharmavaram
Formjacking attack: Are we safe?
Vijaya Geeta Dharmavaram
Department of Operations, GITAM Institute of Management,
Visakhapatnam, India
Purpose Today, online shopping and online businesshas become a new norm especially in the current
pandemicscenario. With more businesses running online,cyber criminals are coming up with differenttactics
to steal identity and sensitive information such as credit card and banking credentials either for personal
monetary gain or to sell in the dark Web. One form of such attack that is seen in the recent times is
formjacking attack. This paper aims to review the current scenario of formjacking attack and its modus
operandi. The paper also provides certain counter measures that can be adopted by the users and website
Design/methodology/approach The paper mainly focuses on the modus operandi of formjacking
attack to understandthe severity of the problem. Based on the way the attack is carriedout, some guidelines
to be followed are provided. Later,a brief review of machine learningtechniques is furnished to understand
how it may helpas secure defense mechanism.
Findings Formjacking attacks are on a rise in the past two years, especiallyduring the holiday season.
Cyber criminals have been using smart tacticsto carry out these attacks which are very diff‌icult to detect.
Machinelearning techniques may prove to be effective in combatingthese attacks.
Originality/value Formjackingattack is not just a concern of the customers who may lose their sensitive
data, but the onusalso lies on the companies itself to ensure they protecttheir customers data from theft. Not
much research is found regarding formjacking attack, as it is relatively a new form of attack. The paper
reviews this attack and providessome measure that can be followed. It also provides few guidelineswhich
can be usedfor further research in devising a securitytool to mitigate this problem.
Keywords Formjacking attack, Supply chain attack, Ecommerce security, E-Skimming attack,
Identity theft, Security measures
Paper type General review
Your best friends birthday is coming up and thereis no time to buy a gift from the shop. No
problem, there are so many shops to buy online. You select the perfect gift and click the check
out button to pay for the order. You f‌ill the necessary details with your credentials and card
details and the order is placed. You are happy that you found the perfect gift for your friend
and you will receive the ordered gift but are you sure that your information which you have
entered is safe andnot stolen by an unseen attacker.
The opening vignette is to show the risks one can face while sharing sensitive
information in the internet thanks to a new attack that is emerging in the recent times
known as Formjacking. Formjacking is similar to virtual automated teller machine
skimming attack, where a maliciouscode is injected by cyber criminals in a website to steal
the card details from the gulliblecustomers (Krishna et al.,2019).
Getting our work done throughonline has become a new norm in the present time. From
shopping to gaming, from off‌icial meeting to casual chatting, we live in an online world. In
recent times of COVID-19 situation, where most of the people are staying at home, remote
working and online communication is the lifestyle whicheveryone has to adopt and adapt.
According to the[1], China, India, USA, Indonesia and Brazil are the
Journalof Financial Crime
Vol.28 No. 2, 2021
pp. 607-612
© Emerald Publishing Limited
DOI 10.1108/JFC-07-2020-0138
The current issue and full text archive of this journal is available on Emerald Insight at:

To continue reading

Request your trial

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT