Over the past decade, online shopping has taken over a huge percentage of our everyday online and commercial activity. Especially this year, due to the COVID-19 Pandemic where social distancing is implemented, online shopping activities skyrocketed. That’s why most brands are now shifting to online shopping marketing. Online shopping apps and websites are recording their all-time highs in sales. Food, tech stuff, clothes, etc., can now be bought online with just a press of a button.

No wonder why forms of online scams also emerged. Fake sellers registering on these online shops attempting to get valuable information like credit card info from the shop’s customers. Delivery frauds and misleading items fill bad reviews about these shops. Aside from these problems, cybercriminals also target online shops for their attacks. In a recent post by Threatpost.com, a new online shopping malware that is inserted as fake social media share buttons has been detected. The malware is a payment card-skimming malware that hides in social media buttons that can compromise online shopping websites when loaded. According to researchers, the skimmer malware hides on buttons purporting to allow sharing on various social media platforms like Facebook and Twitter. Such malware gives cyber attackers access to the online shop’s website codes where they can place fake checkout buttons to ‘phish’ payment card information. These attacks exploit vulnerabilities in various online shops.

Furthermore, the fake buttons look like legit share buttons that may pose no threat to an unaware user. Once launched, the malware in the button will send all data input on the website’s fields to the cyber attacker, harvesting information they can use for exploitation. Reports also show that these malicious codes are done that some security solutions fail to identify them. They even use legit company names in their codes to create an illusion of being legit. An online shopping website with a weak or basic security protocol will not be able to detect such a problem. Since it hides in legitimate seeming files, it can successfully dodge security monitoring programs and even corporate firewalls. Also, reports show that no interaction is needed to launch the attack. All they need is a visit to the infected website.

Security experts noted that these kinds of attacks are actually very simple. However, most online shopping websites are missing this because they use codes and plugins developed by third, fourth, or even fifth party organizations, which leaves no centralized responsibility or ownership for what’s authentic or not.

The point is, the flaw is coming from the fact that less security detail is invested in developing these websites since most companies will just hire web developers but won’t have a team who will constantly monitor the site for security and review its code for possible injections.

The report shows that around 37 online stores were confirmed to have been infected by the malware. Researchers and experts suggest that the only way to counter these attacks is active monitoring on the client-side.

They explained that in order for the malware attack to succeed, the actors behind them need two things to be done. First, the injected code should be unsuspicious to the user or customer who visits the site. Second, it has to dodge the website’s security mechanisms. They suggest that active monitoring on the client-side (website owners) should be enough to flag these kinds of injections since it will detect the changes done by the attackers.

The point is, cyber threats are everywhere. Whether you be a consumer or businessman, it’s time that we take cybersecurity seriously.