Securitymetrics identifies a significant trend in e-commerce attacks and prepares a fully integrated PCI solution for fighting hackers

Orem, UtahPresent March 4, 2025 / Prnewswire/ -securitymetrics, a leading innovator for compliance and cyber security, has shared new knowledge of attacks on E -Commerce -website and their new product that defends organizations against you.

After securitymetrics had carried out thousands of forensic investigations by e-commerce customers, they discovered a surprising trend between the dealer payment pages. The examination not only focused on the search for malicious scripts on the client browser side, but also contained a detailed analysis of all scripts that were loaded on the payment pages of third-party providers (e.g. content of the IFrame source, which is usually hosted by a PCI DSS-compliant service provider).

In 100% of the cases in which card data occurred, the safety error on the transfer page of the dealers was present and not on a malicious script on the hosted payment page of third-party providers.

This knowledge clearly shows that the most important escimming risks are on the dealer -WebServer and not on the “Payment provider” page.

Other data from these examinations include:

• Of the 2,000 forensic E -Commerce examinations:
  • 40% used iframes to display a third -party payment page
  • 35% used direct mail or conventional server-side processing
  • 25% used button forwards to a hosted payment page of third-party providers.

• From the cases where malicious activities were found (e.g. card folding):
  • 46% occurred on the dealer pages on which the third-party iFrame was integrated
  • 44% occurred on the dealer pages with direct postal or other methods
  • 10% appeared on the dealer pages with button forwarding to a fully organized payment page

Based on the results of real world investigations, retailers must be aware of the scripts, which they contain (PCI DSS request 6.4.3) and check for malicious scripts and behaviors (PCI -DSS requirements 11.6.1) for any payment or the transfer pages.

In order to fix these growing attacks and the need for PCI compliance on dealer websites, security metrics have created a PCI-focused escimming solution called Cark Monitor. The first version of the shopping cart monitor was published in 2020 with a limited version of version 2.0 in September 2024. The complete introduction of version 2.0 begins with March 25th For all buyers and dealers who are supposed to meet certain PCI requirements. This product monitors the E -Commerce payment pages by thoroughly scanning it during the cassinet process, identifying suspicious scripts immediately and meets the dealer.

In contrast to the most part of the competition, the shopping cart monitor meets PCI requirements 6.4.3 and 11.6.1, without requesting an agent, software installation, development, compatibility tests or a website configuration. The shopping cart monitor for money and time was the only fully integrated PCI solution on the market. To find out more or to register, visit Website for security metrics.

About security forces

Securitymetrics ensures for organizations that edit sensitive data. You have tested over 100 million systems for data security and conformity. Industry standards do not keep up with the threat landscape, which is why securitymetrics, their tools, their training and their support are considered a higher, more thorough performance standard and service. Never have a wrong feeling of security. ™

E -mail for press inquiries [email protected]

Source SecurityMetics, Inc.