SAN FRANCISCO (KRON) – The FBI is warning all online shoppers – especially as the holiday shopping season approaches – to be aware of hackers lurking in your online shopping carts, too.

It’s called e-skimming and officials say it can happen when you’re buying something online through a legitimate website or mobile app.

However, unlike physical skimming devices you can see at ATMs or gas pumps, it will be more difficult to detect if the website has been compromised.

According to the FBI, any business accepting online payments on their website it at risk of an e-skimming attack.

Authorities say scammers introduce a skimming code on e-commerce payment processing web sites to get your credit card info, name, date of birth, account numbers, and more.

That all happens in real time and is apparently set to a remote server where the data is collected by the scammers behind the scene. Your credit card data would then be sold or used to make fraudulent purchases moving forward.

Businesses often targeted include retailers, travel companies, utility companies, and ticket-selling websites.

Authorities advise all online shoppers take precautions when shopping online, such as having your credit card details saved into a website so you won’t have to enter it repeatedly, which increases your chances of being skimmed.

Another way to avoid entering your credit card information is by using PayPal, Apple Pay, or another similar mobile payment system.

Also, avoid clicking on banner ads for a specific store or product to avoid any malware-infected pop-ups.

Other tips include:

  • Keep software updated
  • Change default credentials and create strong, unique passwords on all systems
  • Enable multi-factor authentication
  • Do not click on links or pop-ups and be wary of email attachments in messages

If you believe you are a victim of an e-skimming attack or other cyber fraud, you can file a detailed complaint at the Internet Crime Complaint Center –

Latest News Headlines: