WiredTree Says eCommerce Retailers Must Be Vigilant for Card Swiping Malware

Share Article

WiredTree has advised eCommerce merchants to monitor their stores for the presence of malware, including credit card swipers. The warning is a response to the discovery by security researchers that thousands of eCommerce stores are infected with malware capable of transmitting users' confidential information to criminals.

News Image
Given the apparent prevalence of credit card swipers and other malware, we're concerned that many eCommerce merchants aren't doing all they should to protect users.

WiredTree, a provider of managed virtual and dedicated server hosting, has advised eCommerce merchants to monitor their stores for the presence of malware, including credit card swipers. The warning is a response to the discovery by security researchers that thousands of eCommerce stores are infected with malware capable of transmitting users' confidential information to criminals (as reported in Network World on October 16).

This October, security researchers surveyed thousands of eCommerce stores and found that a substantial proportion of them were sending credit card data and other sensitive information to criminals. The store owners were largely unaware of the presence of JavaScript credit card swipers, even though the evidence shows that many of the stores had been infected for months.

Credit card swipers are capable of collecting data from forms on web pages as the user enters their details. The data is then stored on the server, often disguised as an image or other innocuous file format, for later collection.

“WiredTree offers on-demand malware scanning as part of our ServerShield security plan, but given the apparent prevalence of credit card swipers and other malware, we're concerned that many eCommerce merchants aren't doing all they should to protect users,” says Zac Cogswell, President of WiredTree, "That's bad news for the eCommerce sector as a whole, which depends on trust. If users come to believe that a substantial proportion of eCommerce stores don't take security seriously, there's a risk they'll stop buying."

It's likely that criminals plant malware on sites by exploiting a variety of different pre-existing vulnerabilities to gain access. The best way to prevent unauthorized access to an eCommerce store or server is to ensure that it runs the most recent versions of software. Software updates include patches to fix vulnerabilities, and if server operating systems and tools, eCommerce applications, and extensions remain unpatched, a store is more-than-likely vulnerable.

Updating is part of a comprehensive in-depth approach to security that also includes regular malware scanning, secure password management, and user education. Online retailers have a responsibility to protect their users’ data, and stores that fail to follow security best practices may lose the trust of shoppers.

###

About WiredTree

WiredTree specializes in delivering managed hosting experience that places the client in complete command; covering virtual, hybrid, and dedicated web hosting. As champions of customer care, it's no wonder that more than 5,000 clients enjoy WiredTree's free hardware level-ups and a <15 minute average ticket response time. All of this is built on top of only the highest-performing technologies, including LiteSpeed web server, MariaDB, memcached, SSD-driven hardware, and an in-house management system called Grove. To learn more about what WiredTree can do for your site, visit http://www.wiredtree.com.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Zac Cogswell
WiredTree
+1 866-523-8733
Email >
@wiredtree
since: 03/2009
Follow >
Follow us on
Visit website