Netcraft Extension adds credential leak detection

September 2020 Web Server Survey

The Netcraft browser extension now offers credential leak detection for additional protection against skimmer on shopping sites.

With brick and mortar stores around the world closed due to COVID-19, consumers turned to online businesses for their shopping needs. According to Adobe’s Digital Economy Index, US online spending was $ 73 billion in June, up 76% from $ 42 billion last year. Even if the restrictions were lifted, research commissioned by Visa suggests that 74% of Britons who made frequent online purchases during the lockdown will continue to do so.

It is more important than ever to protect yourself from JavaScript skimmers. These are snippets of malicious code that criminals upload to compromised businesses. Unknown to the shopkeeper or the user, they transmit the entered card data directly to the criminal. Unlike scams like phishing, which can often be avoided by an observant internet user, skimmers are invisible to the human eye without a tool like the Netcraft Extension to expose them.

Netcraft is currently blocking over 6,000 shopping sites with skimmers, and even large corporations like British Airways, Ticketmaster and Puma have been victims of these attacks in the past.

The Netcraft extension identifies and blocks a skimmer in an online store

When you visit a shopping page, the Netcraft extension evaluates all the requirements made by the website. If a request is found to be sending credentials to another domain, the extension blocks the request to prevent your data from being stolen. A lock screen will notify you of the request and inform you of the malicious behavior it has detected. Currently only card number leaks are blocked. However, other types of credentials may be enabled in future updates.

For example, if you check out using your credit card at, but your card details are sent to, the extension blocks the request. This check takes place locally and securely in your browser. No confidential information is sent to Netcraft.

The extension also blocks pages that direct requests to malicious domains that are part of JavaScript attacks.

In addition to skimmers for shopping pages, the Netcraft extension also protects against other harmful JavaScript, phishing and fake shops, including those related to coronavirus. The extension is available for Chrome, Firefox, Opera and the new Microsoft Edge based on Chromium.

Google ChromeMozilla FirefoxOperaMicrosoft Edge

If you’ve already installed the Netcraft extension, your browser will automatically update it.