Terry Cutler – The Ethical Hacker
Home » Formjacking
Articles Blog Consumer Content Consumer Scams Media


Formjacking involves hackers posting malicious JavaScript codes on eCommerce sites. Users typically enter their private information at the checkout point, where the script waits. As a result, this information is copied. This type of online theft is like someone peering over your shoulder at an ATM and writing whatever you input.

Often, hackers create many fake websites that claim to offer us fantastic deals. So when you purchase items from one of these pirated websites, you’ll receive a counterfeit item. Likely, you’ll receive nothing.  

The three stages of formjacking

First, a hacker gains access to an eCommerce site and embeds the malicious script. Typically, the script is embeds in the site’s checkout section.

Second, unsuspecting users enter their financial details to make a purchase. Everything that is encrypted becomes vulnerable to theft. 

Finally, when users hit submit, an additional copy of the data ends up in the hands of the hacker. 

It’s carte-blanche

Hackers get easy access to everything they need in one place. 

One significant formjacking attack targeted British Airways (BA). In 2018, hackers inserted malicious codes into BA’s website. Further, the attack went on for months. Consequently, 380,000 transactions were affected, resulting in hackers earning $17 million.

To avoid this scam

Double and triple-check to see if the URL is changed.

However, Individuals are not responsible for the situation.

Therefore, it’s up to merchants to secure their websites. For eCommerce retailers, systems must be up-to-date, codes reviewed regularly, and routine tests occur. 

Subscribe to our mailing list

* indicates required

Related posts

Police round up credit card fraud ring in Montreal. Terry Cutler is also in this inerview

Terry Cutler

Introduction to Ethical Hacking 2.5h video presentation

Terry Cutler

How to Avoid Internet Scams by Cyber Criminals

Terry Cutler

The sugar daddy scam

Terry Cutler

Risk of cyber-attacks growing: CSIS memo

Terry Cutler

Sony’s “Fury” over hack just the beginning

Terry Cutler


Privacy & Cookies Policy