Formjacking attack: Are we safe?

Purpose - Today, online shopping and online business has become a new norm especially in the current pandemic scenario. With more businesses running online, cyber criminals are coming up with different tactics to steal identity and sensitive information such as credit card and banking credentials either for personal monetary gain or to sell in the dark Web. One form of such attack that is seen in the recent times is formjacking attack. This paper aims to review the current scenario of formjacking attack and itsmodus operandi. The paper also provides certain counter measures that can be adopted by the users and website owners. Design/methodology/approach - The paper mainly focuses on themodus operandiof formjacking attack to understand the severity of the problem. Based on the way the attack is carried out, some guidelines to be followed are provided. Later, a brief review of machine learning techniques is furnished to understand how it may help as secure defense mechanism. Findings - Formjacking attacks are on a rise in the past two years, especially during the holiday season. Cyber criminals have been using smart tactics to carry out these attacks which are very difficult to detect. Machine learning techniques may prove to be effective in combating these attacks. Originality/value - Formjacking attack is not just a concern of the customers who may lose their sensitive data, but the onus also lies on the companies itself to ensure they protect their customer’s data from theft. Not much research is found regarding formjacking attack, as it is relatively a new form of attack. The paper reviews this attack and provides some measure that can be followed. It also provides few guidelines which can be used for further research in devising a security tool to mitigate this problem.