The current coronavirus pandemic has resulted in the closure of many pubs, restaurants and brick-and-mortar retail stores. Many purchases that were previously made in person are now made online. In a study commissioned by Visa, 89% of Britons have shopped online since the UK’s lockdown restrictions began, and 31% bought items online for the first time during that period. Criminal groups are benefiting from this surge in online shopping activity: smaller businesses that are newly reliant on online transactions offer attackers a stream of under-defended shopping sites to exploit, and shoppers are more likely to end up on these compromised sites, or on counterfeit ones, than they were before the pandemic.

JavaScript skimmers run on vulnerable shopping sites. When shoppers enter their payment details, the skimmer secretly sends a copy to the attacker – possibly even if the customer doesn’t complete the transaction. Even the most cautious of users can fall victim to these attacks as they appear in compromised but otherwise well-intentioned stores with no visual cue of their presence.

Counterfeit stores are another threat. Shoppers looking for bargains may unknowingly find themselves in a fake shop that claims to be selling the products they want at a heavily discounted price. However, the victim receives only counterfeit goods or no goods at all, or the transaction is aborted after the victim enters their credentials, which is equivalent to a phishing attack.

Fake stores are also taking advantage of the pandemic by offering goods in high demand due to the coronavirus, such as N95 masks. The FBI released a public notice of an increase in online shopping scams involving the sale of counterfeit health products such as personal protective equipment (PPE). To date, Netcraft has blocked over a thousand such fake coronavirus-themed stores, 80,000 other fake stores that sell all kinds of counterfeit goods, and around 3,500 vulnerable stores that host JavaScript skimmers.

The Netcraft browser extension and mobile apps provide protection against fake shops as well as legitimate shopping sites that have been compromised with JavaScript skimmers. When an extension or app user visits one of these dangerous stores, Netcraft blocks access to the store and notifies them:

Visiting a fake shop without the Netcraft extension

Visiting a fake shop with the Netcraft extension


Last August, protection against shopping site skimmers and other malicious JavaScript was added to the Netcraft browser extension. Since then, an extension user who visits a site that Netcraft has blocked for containing a skimmer is redirected to a blocking screen. The Netcraft Android and iOS apps also have this feature.

Additionally, the Netcraft browser extension blocks shopping sites that are using resources known to be part of skimming infrastructure, even if Netcraft has not blocked the shop itself. Whenever the extension detects that a request is being sent to a URL associated with skimming activity, it blocks the request and reports the at-risk shopping page to us.

Protection against skimmers from shopping sites with the Netcraft extension

This allows Netcraft to automatically receive a steady stream of newly compromised shopping sites as the extension's user community shops. The relationship between Netcraft and our community of browser extension users is symbiotic: when our users shop, we protect them from skimmers and use the vulnerable shopping site information they find to automatically protect the rest of the community. Users can opt out of reporting these websites to Netcraft if they prefer.
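As an added illustration (not Netcraft's implementation), the JavaScript below shows the decision described above: an outgoing request is blocked when its host is on a list of known skimming infrastructure, and the page that made the request is reported unless the user has opted out. The function names, the `.example` hostnames and the choice to report only the page's origin and path are assumptions made for this example.

```javascript
// Added illustration, not Netcraft's code. Hostnames are constructed (.example).
const SKIMMER_HOSTS = new Set(["cdn-stats.example", "collect.pay-metrics.example"]);

// True if host equals a listed host or is a subdomain of one.
function isListedHost(host, list) {
  const labels = host.toLowerCase().replace(/\.$/, "").split(".");
  for (let i = 0; i < labels.length - 1; i++) {
    if (list.has(labels.slice(i).join("."))) return true;
  }
  return false;
}

// Decide what to do with one outgoing request made by a page.
// Returns { action: "block" | "allow", report: object | null }.
function evaluateRequest(requestUrl, pageUrl, { reportingEnabled = true } = {}) {
  const allow = { action: "allow", report: null };
  let req;
  try {
    req = new URL(requestUrl);
  } catch {
    return allow; // unparseable URL: nothing to match against
  }
  // Only network schemes can carry card data off the page.
  if (!/^(https?|wss?):$/.test(req.protocol)) return allow;
  if (!isListedHost(req.hostname, SKIMMER_HOSTS)) return allow;

  // The request is blocked whether or not the shop itself is already known.
  // Assumption of this example: the report omits the query string and
  // fragment, which can contain personal data from the checkout page.
  let report = null;
  if (reportingEnabled) {
    try {
      const page = new URL(pageUrl);
      report = { page: page.origin + page.pathname, matchedHost: req.hostname };
    } catch {
      report = null; // no usable page URL, so block without reporting
    }
  }
  return { action: "block", report };
}
```

Matching on whole DNS labels means a lookalike such as `notcdn-stats.example` is not treated as a subdomain of a listed host.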

The Netcraft browser extension is free to download on Chrome, Firefox, Opera and Edge.


You can also be notified on your mobile device if you navigate to a dangerous shopping page that Netcraft has blocked, including a fake shop or a shopping page that has been compromised with a JavaScript skimmer. The Netcraft app for Android and iOS can be downloaded from the following app stores:

Google Play, Amazon and the Apple App Store.