Security Awareness Expert On New E-skimmer Discovered On WordPress Site Utilizing WooCommerce Plugin

In response to a new report that indicates credit card thieves are targeting WordPress e-commerce sites powered by WooCommerce with a dedicated JavaScript-based card-skimmer malware, a security awareness expert offers perspective.

Experts Comments

April 14, 2020
James McQuiggan
Security Awareness Advocate
KnowBe4
Third-party plugins are always a high-value target for criminals, as it's an easy way to access hundreds to thousands of sites through manipulating the code at the source where the plugin is developed. Organizations want to make sure they educate and train their developers to analyze and verify all third-party plugins for unusual activity through the quality and analysis testing process before releasing new updates. The website is an organization's "front door" to the world, and if they don't.....Read More
Third-party plugins are always a high-value target for criminals, as it's an easy way to access hundreds to thousands of sites through manipulating the code at the source where the plugin is developed. Organizations want to make sure they educate and train their developers to analyze and verify all third-party plugins for unusual activity through the quality and analysis testing process before releasing new updates. The website is an organization's "front door" to the world, and if they don't keep their home secure, they risk someone breaking into their home and stealing valuables. Like a home, the website must be secured, and one easy way is to verify the plugins and software regularly. Failure to do so can lead to hackers quickly gaining access to the site and stealing data or defacing the site. While the plugin may be well accepted, if it's not inspected and verified, the risk of doing so can lead to a data breach and damage to reputation.  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.