Cyber Question - How do you protect your customers from formjacking?

In this article you will read the most surprising and unusual cyber questions from entrepreneurs, followed by the answer. This time: How to protect your customers from formjacking?

How to protect your customers from formjacking?

Unnoticed, a cybercriminal modifies the input fields on your website. Then your customer buys something on your website and fills in the payment details. Without you or your customer knowing it, the data entered directly reaches the criminal. The criminal then makes off with the name and credit card details of your customer. This sly form of cyber crime is called formjacking and is difficult to recognize. Nevertheless, there are a few actions you can take to protect customers from formjacking.

What is formjacking?

In formjacking, a hacker modifies a website's input fields so that information a visitor fills in reaches the hacker. Hackers do this by modifying the code of the website. In this way the hacker gains access to confidential information, such as credit card details, often without anyone else noticing. With that data, a criminal can make payments somewhere else.

Difficult to recognize

For a customer, it is virtually impossible to recognize formjacking. "And the bad news is that it's also very difficult for business owners to tell if your input fields have been hacked," says Erwin Hasenpflug, cyber specialist at Digital Trust Center. "But fortunately, there are still some things you can do."

Protect your customers

Hasenpflug provides some tips that will help you protect customers from formjacking, among other things.

• Make sure that website software and any plug-ins up-to-date are. You can do this periodically yourself or outsource to an IT vendor.
• Limit the personal data you ask for and choose payment methods such as iDEAL, where customers do not have to enter credit card information on your website.
• Have the security of your website checked periodically. To do this, you can create a automated vulnerability scan use. Such a scan shows what the weak spots in your security are. Or have a penetration test performed by an ethical hacker. This one searches more extensively for security problems, including formjacking, on assignment.
• Recognize when your website code is being modified unwisely. Do you have some basic knowledge about (source) code? If so, you may recognize changes yourself immediately. Yet this is not always easy, especially when you have a dynamic website. Discuss with your IT supplier what possibilities they offer for checking formjacking;

Want to know more about formjacking, robotic phone calls and working safely online? Read the entire article at kvk.nl.