In a recent alert, Visa has identified a trending threat targeted at e-commerce merchants by fraudsters harvesting payment and other information via “digital skimming.” Also called “e-skimming” or “formjacking,” this method of stealing information has existed for a number of years. The new trend Visa has identified is the use of “web shells” to accomplish the attacks.
Web shells, according to the Visa Payment Fraud Disruption unit that issued the warning, are “tools used by threat actors to establish and maintain access to compromised servers, deploy additional malicious files/payloads, facilitate lateral movement within a victims network, and remotely execute commands.”
While digital skimming using web shells doesn’t result in an immediate fraud loss to e-commerce merchants, it does provide a “persistent back door” enabling them to extract payment and personal information that can be monetized against merchants in a variety of ways.
In the alert, Visa Payment Fraud Disruption provides a long list of recommendations merchants and acquirers can use to protect themselves.