A year-long study tracking 550 hacked e-commerce sites across 68 countries shows that removing a skimmer once does not mean the threat is gone. eSkimming is turning into a long-term problem, not a one-time incident.
Even after discovery, many businesses never fully recover. One year later, 18% of affected sites were still infected. Worse, more than half of those cases involved new or modified attack methods, proving attackers return instead of giving up.
Another concern: 16% of originally infected websites are now offline or unreachable, showing how damaging unresolved client-side attacks can become.
Why Traditional Security Isn’t Enough
eSkimming runs inside the user’s browser, while most defenses protect servers and networks. This gap allows attackers to hide, adapt, and come back through different paths.
Common weaknesses include:
• Lack of visibility into what browser scripts actually do in real time
• Over-trust in third-party and first-party JavaScript
• Fixing visible malware but not closing the underlying exposure
Attackers are also evolving. Some campaigns move from third-party scripts into core website code, making detection even harder. About 12% of cases showed this shift, meaning threats are embedding deeper into trusted systems.
Source Defense addresses this challenge by focusing on what happens directly in the browser. Its solution allows organizations to observe script activity as it runs, identify suspicious attempts to access sensitive data, detect fraudulent payment overlays, and stop risky behavior before information is stolen. By controlling actions at runtime, it reduces the chance of attackers re-entering through new paths after an initial fix.
This model changes security from occasional incident handling to steady, ongoing oversight of the client-side environment.
The research also makes it clear that eSkimming should be treated as a business-level threat, not just a technical flaw. A portion of previously affected websites later disappeared from the internet, underscoring how severe the impact of unresolved browser-based attacks can be.
Since most digital transactions now happen in the browser, organizations need visibility into client-side activity to achieve real recovery. Without that, “issue resolved” may only be temporary.
Leave A Comment