The Magecart threat

Cybercriminal groups such as Magecart are targeting ecommerce websites to steal personal and financial information supplied by visitors during the transaction process. The attacks are carried out via a malicious JavaScript code injection

This can occur through exploiting a vulnerability within the actual website, CMS platform or the companies web servers, which result in the inclusion of malicious code-skimming code. The other method , and perhaps the most difficult to defend against, is the injection of code into a third-party JavaScript technology which already has permission to run on the site.

This infographic explores:

  • Website supply chain blind spots
  • How Magecart steals data with formjacking
  • How to prevent formjacking on your website