5 Ways To Protect Yourself Against E-skimming

In this article, we explain what e-skimming is and how you can protect yourself from falling victim to this cyber threat.

5 Ways To Protect Yourself Against E-skimming

You may have heard of e-skimming and in this article, we want to explain what it is and how to protect yourself from falling victim to this cyber threat.

First, you should know that unlike physical card skimming — which happens when someone inserts a film into the card reader or ATM — you cannot simply look at a website and tell that a hacker has tampered with it. What’s more, the retailers themselves may never find out unless there is an investigation. That is scary when you think about it…

But I’m getting ahead of myself. Let’s first define e-skimming, shall we?

What is e-skimming?

E-skimming is a form of internet or carding fraud whereby a payment page on a website is compromised when malware is injected into the page via compromising a third-party script service in order to steal payment information.

One report from 2016 suggested as many as 6,000 e-commerce sites may have been compromised via this class of attack. And it’s not just the smaller web stores; in 2018, British Airways had 380,000 card details stolen in via this class of attack. A similar attack affected Ticketmaster the same year with 40,000 customers affected by maliciously injected code on payment pages.

So yes, this is the “Clear and Present Danger” and here’s how you can protect yourself against it…

1. Don’t use your debit card

With most debit cards you don’t have protections that come included with credit cards. When a credit card user notices some charge they can’t identify, they can call their bank (credit card issuer) and ask for help to resolve the issue. In most cases, the bank could help users get their money back. But again, you’ll need a credit card for this.

Alternatively, you might want to try a virtual credit card that generates a unique card number to be used for specific transactions and a specific merchant. This is by far the most secure way to pay for stuff online, but it’s not as seamless as using your existing credit/debit card.

2. Keep up with your expenses

It’s not easy at first, but organizing your expenditures pays a premium in the long run. What this means is that you should strive to keep all your documentation, such as receipts and order confirmation numbers, to prove your online purchases. You may want to use some tool for this, such a fancy note-taking app, so you can more easily find the document you need at a later date.

Additionally, you should continually check your credit card statements and look for any activity on your balance that you don’t expect to find. Again, if you spot something like that, call your credit card issuer and ask for help.

3. Read customer reviews

If an e-skimming attack has already hit someone, chances are there is a trace about that. Read reviews and search for additional information to see whether the service/product you want to buy comes from a reputable company. If you notice something suspicious, it is better to look elsewhere. These days, there is an alternative for pretty much anything.

4. Go easy with personal information sharing

There is no need to provide every single piece of your personal information to a third party. Look for required fields and only fill them out.

The general rule of thumb is that the fewer data points a company has on you, the less they can leak. That being said, see if you can “get away” without providing your date of birth, social security number, and bank account number. Send the merchant an email and ask to buy their service without those details. You can always use PayPal or some other service to send them the money (pay for the service).

5. Submit information in secure pages, only

Always check the URL of the website. Make sure that the address bar has “https” instead of “http.” In fact, you should never leave your personal information on a non-secure web page — it could easily be caught by hackers.

With a good VPN, everything you do online is more secure with the software routing your requests and sending you the data exclusively through secure servers. And that is just one of the reasons to run a VPN on your devices — yes, all of them, not just your computer…