E-skimming is carried out by threat actors who inject malicious code in the form of payment card skimmer scripts within a website’s payment processing platform, with the end goal of harvesting and stealing its customers’ payment or personally identifiable information. The FBI and the Cybersecurity and Infrastructure Security Agency provide a set of measures that government agencies and businesses can take to protect themselves against skimming threats. Magecart groups, the most notorious threat actors behind e-skimmers attacks, are highly effective cybercrime groups active since at least 2015.
Source: https://www.bleepingcomputer.com/news/security/fbi-warns-govt-agencies-smbs-to-defend-against-e-skimming-threats/