In this case, they’re after your money, not your guns.
A woman holds a 9-mm. handgun by the American manufacturer Smith & Wesson at the IWA OutdoorClassics trade show for hunting, shooting sports, equipment for outdoor activities and for civilian and official security applications in March 2018 in Nuremberg, Germany.
(Photo by Daniel Karmann/picture alliance via Getty Images)
The so-called “Magecart skimmer campaign” was first noticed by Sanguine Security when bad actors started registering malicious domain, or website, names purportedly associated with Sanguine. The company offers an “anti-skimming” service, which is used to prevent this type of activity.
A Sanguine Security web page said that on Dec. 3 the malicious skimmer had been removed from the Smith & Wesson store.
These types of attacks typically gain entry by either breaking into a server or by targeting the business’ third-party vendors, who in turn unwittingly pass on the infection, according to TechRepublic.
The problem for consumers is that they will be oblivious to the attack, Craig Young, computer security researcher for Tripwire’s vulnerability and exposure research team (VERT), tells Fox News.
He offered some ways to make your purchases more secure and avoid attacks.
One is a virtual payment card. These cards, which limit the amount of personally identifiable information (PII) you share, are sometimes referred to as a temporary card number or pseudo card number, as explained by Privacy, which offers these types of cards. They do not come with a physical card and the single-use numbers “self-destruct” after use.
Some traditional banks also offer these as an option. “Consumers would need to inquire with their financial institution about availability for this,” Young said.
Big Internet players also offer these kinds of services. “Google, PayPal and Amazon all offer secure payment processing services, which can be used in lieu of exposing actual card numbers,” Young added.
The bottom line is if you have shopped with a regular credit card at a site that has been compromised you need to act.
“If you have recently shopped at the Smith & Wesson website and entered payment information, you need to contact your credit card company and monitor your statements for suspicious or fraudulent charges,” said BleepingComputer.
Fox News has reached out to Smith & Wesson with a request for comment.