
Checkout Skimming (Magecart)

Injected checkout scripts that steal payment details as customers enter them.


What it is

Checkout skimming (often linked to "Magecart" attacks) is when attackers inject malicious code into an ecommerce checkout page to quietly steal payment card details and personal data as customers type it in.

Why it matters

Skimming can run undetected for weeks, leaking card data at scale and triggering chargebacks, regulatory headaches, and long-term brand damage, even if your backend systems stay uncompromised.

How to reduce risk

  • Use Subresource Integrity (SRI) and restrict third-party scripts where possible
  • Monitor checkout pages for unauthorized script changes (file integrity + diff monitoring)
  • Keep ecommerce platforms/plugins updated and remove unused extensions
  • Add a WAF rule set tuned for script injection and suspicious checkout behavior
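
The SRI and script-change monitoring items above, as an added example (not part of the original glossary entry): it audits a checkout page's script tags against a host allowlist, checks that external scripts carry an SRI attribute, and compares inline scripts to a baseline of hashes. The allowlist, sample HTML, and function names are assumptions constructed for illustration.

```python
import base64
import hashlib
from html.parser import HTMLParser
from urllib.parse import urlparse

ALLOWED_HOSTS = {"cdn.shop.example"}  # hypothetical allowlist of script hosts
# Constructed sample checkout page; the integrity value is a placeholder.
SAMPLE_HTML = """<form id="pay"><input name="card"></form>
<script src="https://cdn.shop.example/checkout.js" integrity="sha384-PLACEHOLDER"></script>
<script src="https://stats.thirdparty.example/t.js"></script>
<script>document.getElementById("pay").addEventListener("submit", validate);</script>"""

def sri_hash(body: str) -> str:
    # SRI-style value: "sha384-" + base64 of the SHA-384 digest
    return "sha384-" + base64.b64encode(hashlib.sha384(body.encode()).digest()).decode()

class ScriptCollector(HTMLParser):
    """Collects (src, integrity) of external scripts and bodies of inline ones."""
    def __init__(self):
        super().__init__()
        self.external, self.inline, self._open = [], [], False
    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "script" and a.get("src"):
            self.external.append((a["src"], a.get("integrity")))
        elif tag == "script":
            self._open = True
            self.inline.append("")
    def handle_data(self, data):
        if self._open:  # text inside an inline <script> element
            self.inline[-1] += data
    def handle_endtag(self, tag):
        if tag == "script":
            self._open = False

def audit_checkout(html: str, inline_baseline: set) -> list:
    """Flag off-allowlist hosts, missing SRI, and inline scripts not in the baseline."""
    c = ScriptCollector()
    c.feed(html)
    findings = []
    for src, integrity in c.external:
        host = urlparse(src).hostname  # None for relative (same-origin) URLs
        if host and host not in ALLOWED_HOSTS:
            findings.append(("unapproved-host", src))
        if not integrity:  # presence only; verifying the value needs the script body
            findings.append(("missing-sri", src))
    for body in c.inline:
        if sri_hash(body) not in inline_baseline:
            findings.append(("inline-not-in-baseline", body.strip()[:40]))
    return findings
```

Run it against a rendered copy of the checkout page on a schedule, with the baseline built from a known-good deployment, and alert on any finding.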