The UK security services have warned online shoppers that their bank details can be ‘skimmed’ on the checkout page of small business websites.
GCHQ says it has uncovered more than 4,000 incidents where websites have been unknowingly leaking customers’ financial details to hackers, reports the Mirror.
The agency’s National Cyber Security Centre (NCSC) is urging businesses to ensure their payment software is up to date to make it harder for hackers to infiltrate.
Steve Barclay, Chancellor of the Duchy of Lancaster, said: “On Black Friday and Cyber Monday the hackers will be out to steal shoppers’ cash and damage the reputations of businesses by making their websites into cyber traps.”
Skimming was first used as a term for cash machine fraud – where criminals fit ATMs with devices that can read victims’ credit cards.
In the online version, hackers infiltrate businesses’ software so they can see the card details that shoppers put in on the checkout page.
The NCSC said it had seen an increase in this type of scam since the pandemic, and had uncovered 4,151 cases since April last year.
It said that in most cases scammers had infiltrated the websites via a known vulnerability in popular e-commerce software.
Sarah Lyons, deputy director for economy and society at NCSC, said: “I would urge all business owners to follow our guidance and make sure their software is up to date.”
Graham Wynn, of the…