CIO Influence
CIO Influence News Security

Malwarebytes Labs Reveals 50 Percent Uptick in Credit Card Skimming in Advance of the Holiday Shopping Season

Malwarebytes Labs Reveals 50 Percent Uptick in Credit Card Skimming in Advance of the Holiday Shopping Season

Malwarebytes, a global leader in real-time cyber protection, released new threat research revealing credit card skimming is on the rise for the holiday shopping season. The report details a specific credit card skimming operation, the Kritec campaign, which specializes in crafting very realistic payment templates with convincing language localization that has compromised hundreds of websites. Malwarebytes threat researchers tracked a 50% increase month-over-month in the US since September in newly registered domains attributed to Kritec, demonstrating a huge uptick in both compromised sites and opportunity for innocent shoppers to fall victim.


“Embrace the magic of the holidays (and the season’s cyber deals), but don’t forget to safeguard your digital gifts,” warns Jérôme Segura, senior director of threat research, Malwarebytes. “Whether shopping online or booking your experience with Santa, be aware that cybercriminals have laid the groundwork to take advantage of the holiday shopping season via both obvious and very subtle avenues.”

CIO INFLUENCE News: Huawei Cloud Unleash Cloud and Boost Business Excellence in Europe

Another risk to shoppers this holiday season is malvertising – online ads that deliver scams or install malware. This type of fraud is on the rise in both volume of malicious ads and the sophistication behind them. Over the past two months, Malwarebytes has tracked a 42% increase month-over-month in malvertising incidents in the US, pointing to an alarming trend. Recent research reveals malicious campaigns carried out in online ads via Google searches, some impersonating big-name brands and scams targeting online tech support for Windows users.

Online Shopping Tips

For many online scams, it is near impossible for an individual, even a highly skilled one, to know when they’re using a website that includes a third-party component compromised by criminal hackers or operated by a company prepared to bend the rules at the expense of the user’s privacy and security. Here are a few tips for safer shopping.

  • Avoid clicking on sponsored ads: Conduct a direct search for your retailer of choice to avoid falling prey to prevalent malvertising tactics which have been known to spoof even huge, reputable brands such as Amazon.
  • Check that copyright: Avoid inputting any payment information into websites that don’t look like they’ve been maintained for a while. Red flags include outdated visuals and old copyright stamps.
  • Consider a Password Manager and MFA: With every site requiring a password these days, leverage a password manager to protect your payment information and set up multi-factor authentication where available.
  • Keep an eye on your financial statements: An uptick in online shopping deserves an uptick in your vigilance for checking online bank and credit card statements. Flag anything that seems suspicious for quick resolution.
  • Run an antivirus solution: Most antivirus products offer some kind of web protection that detects malicious domains and IP addresses. Malwarebytes Premium offers web protection and is complemented by the Malwarebytes Browser Guard extension for more advanced in-browser detection.
  • Use Malwarebytes Browser Guard: A free browser extension for Chrome, Edge, Firefox and Safari that blocks unwanted and unsafe content, giving users a safer and faster browsing experience. It stops users from going onto phishing sites, entering information into unsafe domains and downloading malware. It also blocks web trojans.

CIO INFLUENCE News: CodeSee Launches Function Maps: A New Dawn in Code Understanding

Malwarebytes Browser Guard Updates

With the holiday shopping period right around the corner, Malwarebytes has made additional enhancements to its Browser Guard plug-in, including:

  • Improved Protection: Stopping even more threats with enhanced phishing detection.
  • New Scanning Blocks: Prevents websites from scanning for vulnerable network ports.
  • Facebook Support: Added ability to block ads and sponsored content from appearing on Facebook feeds.
  • Monthly Overview: A new monthly summary showcases what’s been blocked.

Malwarebytes Premium (for Windows) users can unwrap additional functionalities in Browser Guard, including:

  • Content Control: Dials up control of the browsing experience so users can define what’s appropriate and fully customize what content to block while surfing.
  • Import and Export: New feature that allows users to transfer Browser Guard settings across all their browsers and devices.
  • Historical Detection Statistics: Users can learn more about past detections and what threats users have avoided.

CIO INFLUENCE News: Egress and KnowBe4 Extend Partnership to Offer AI-Based Adaptive Email Security and Training

[To share your insights with us, please write to]

Related posts

LoRaWAN Formally Recognized as ITU International Standard for Low Power Wide Area Networking

CIO Influence News Desk

Demonstrations of 20 Open RAN Solutions from Keysight at the O-RAN ALLIANCE’s Fall 2023 Global PlugFest

Business Wire

Laminar Launches Two New Solutions to Become First Full Data Security Platform for Multi-Cloud and SaaS Environments

Business Wire