Constantly evolving credit card skimming techniques are a new threat to holiday shoppers.
Researchers at cybersecurity firm Sansec have discovered a novel technique that inserts payment skimmers onto checkout pages. Malwarebytes told Fox News it has also seen this new trick.
The news was first reported by ZDNet.
This isn’t the old-style physical skimmer attached by criminals to, for example, gas pump credit card readers but code that lurks on retailer checkout pages. It is also referred to as e-skimming or a Magecart attack.
“Online payment thieves developed a new method to hide payment skimmers in perfectly legitimate social media icons,” Joost Spanjerberg, a Sansec malware researcher, told Fox News in an email.
Those buttons could include Facebook, Twitter, Linkedin, or any number of well-known social media sites.
“These malicious icons lurk on checkout pages of hacked stores, and log keystrokes of unsuspecting online shoppers. When you enter your credit card numbers, these icons will send your data to an offshore (often foreign) server for later collection,” Spanjerberg said.
The problem, Spanjerberg says, is that consumers have no idea it’s happening.
“It is extremely hard for consumers to identify such fraud. Even for a trained professional, it takes hours to examine a store for possible payment skimmers. Actually, only merchants can prevent this kind of theft by running an ecommerce malware scanner on their server,” he said.
Anti-malware software firm Malwarebytes has also been tracking this.
“We have seen this latest trick and recorded a handful of sites that are currently infected with it,” Jérôme Segura, director of threat intelligence at Malwarebytes told Fox News.
“We believe this is a natural evolution in the cat-and-mouse game between [bad] actors and defenders," he said, adding that credit card skimmers used to be rudimentary and could be easily spotted.
Get updates on this story from FOXNews.com.