Terry Cutler – The Ethical Hacker
Home » Formjacking
Articles Blog Consumer Content Consumer Scams Media


Formjacking involves hackers posting malicious JavaScript codes on eCommerce sites. Users typically enter their private information at the checkout point, where the script waits. As a result, this information is copied. This type of online theft is like someone peering over your shoulder at an ATM and writing whatever you input.

Often, hackers create many fake websites that claim to offer us fantastic deals. So when you purchase items from one of these pirated websites, you’ll receive a counterfeit item. Likely, you’ll receive nothing.  

The three stages of formjacking

First, a hacker gains access to an eCommerce site and embeds the malicious script. Typically, the script is embeds in the site’s checkout section.

Second, unsuspecting users enter their financial details to make a purchase. Everything that is encrypted becomes vulnerable to theft. 

Finally, when users hit submit, an additional copy of the data ends up in the hands of the hacker. 

It’s carte-blanche

Hackers get easy access to everything they need in one place. 

One significant formjacking attack targeted British Airways (BA). In 2018, hackers inserted malicious codes into BA’s website. Further, the attack went on for months. Consequently, 380,000 transactions were affected, resulting in hackers earning $17 million.

To avoid this scam

Double and triple-check to see if the URL is changed.

However, Individuals are not responsible for the situation.

Therefore, it’s up to merchants to secure their websites. For eCommerce retailers, systems must be up-to-date, codes reviewed regularly, and routine tests occur. 

Subscribe to our mailing list

* indicates required

Related posts

Logik TV Episode 18 Protecting Yourself From Scams

Terry Cutler

Digital Locksmiths sets out to make the enterprise accessible to all smartphones

Terry Cutler

Cyber Security Today, Week in Review for Feb. 18, 2022

Terry Cutler

Is your IT department looking out for your Cybersecurity?

Terry Cutler

LockBit 2.0 

Terry Cutler

Federal pay system breach shows bad security plan: analyst

Terry Cutler


Privacy & Cookies Policy