The South West Regional Cyber Crime Unit (SWRCCU) is warning businesses and consumers about the ongoing threat of e-skimming, a form of cyber crime that targets online payment systems.
E-skimming, also referred to as digital skimming or web skimming, involves the theft of payment card data from customers of online retailers. Criminals use this technique to capture card details during legitimate online transactions, often without the knowledge of either the customer or the business.
What is e-skimming?
E-skimming attacks typically begin when criminals gain unauthorised access to an online store’s website or server, or to the source code of a third-party service used by the retailer, such as a payment or analytics tool. Access is commonly achieved by exploiting software vulnerabilities, poor configuration or weak passwords, or through brute-force attacks.
Once access is gained, malicious code is inserted into the website’s payment or checkout process. This code is designed to copy customer and payment information as it is entered. The stolen data may be transmitted immediately to the attackers or stored on the compromised server and retrieved later to reduce the risk of detection.
Because the website continues to look and function normally, these attacks can be difficult to detect for both customers and businesses.
Why this matters
E-skimming attacks can remain active for long periods, potentially exposing large numbers of customers to fraud. Stolen payment card details may be used for unauthorised purchases or sold on criminal marketplaces. For businesses, this can result in financial loss, reputational damage and regulatory consequences.
Law enforcement agencies and cyber security organisations continue to identify and disrupt e-skimming operations, but the threat remains prevalent due to the widespread use of online payments and third-party web services.
Advice and guidance
Europol has published clear guidance explaining how digital skimming works and how organisations can reduce their exposure to this type of attack. Businesses are encouraged to keep all systems and plugins up to date, restrict administrative access, use strong authentication methods and regularly monitor websites for unauthorised changes.
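One way to monitor a checkout page for unauthorised changes, shown as an added example that is not taken from the Europol or SWRCCU guidance: record the scripts on a known-good copy of the page, then flag any script host or inline script that later appears without approval. The page content, host names and the initCheckout function are constructed for illustration.

```python
import hashlib
from html.parser import HTMLParser
from urllib.parse import urlparse

class ScriptCollector(HTMLParser):
    """Records every <script> on a page: external src URLs and inline bodies."""
    def __init__(self):
        super().__init__()
        self.external, self.inline, self._buf = [], [], None

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            src = dict(attrs).get("src")
            if src:
                self.external.append(src)
            else:
                self._buf = []          # start capturing an inline script body

    def handle_data(self, data):
        if self._buf is not None:
            self._buf.append(data)

    def handle_endtag(self, tag):
        if tag == "script" and self._buf is not None:
            body = "".join(self._buf).strip()
            if body:
                self.inline.append(hashlib.sha256(body.encode()).hexdigest())
            self._buf = None

def scan(html):
    """Return the set of script hosts and the set of inline-script SHA-256 digests."""
    c = ScriptCollector()
    c.feed(html)
    return {"hosts": {urlparse(s).netloc or "(same-origin)" for s in c.external},
            "inline": set(c.inline)}

def audit(html, baseline):
    """List scripts present on the page now that the approved baseline lacks."""
    seen = scan(html)
    return ([("unapproved-script-host", h) for h in sorted(seen["hosts"] - baseline["hosts"])]
            + [("new-or-changed-inline-script", d[:12]) for d in sorted(seen["inline"] - baseline["inline"])])

# Constructed sample pages (hypothetical hosts and function names).
APPROVED = ('<html><body><form id="pay"></form><script src="/static/checkout.js"></script>'
            '<script src="https://payments.example/sdk.js"></script>'
            '<script>initCheckout("pay");</script></body></html>')
MODIFIED = (APPROVED.replace('initCheckout("pay");', 'initCheckout("pay"); /* altered */')
            .replace("</body>", '<script src="https://cdn.unknown.example/a.js"></script></body>'))

if __name__ == "__main__":
    print(audit(MODIFIED, scan(APPROVED)))
```

This check only sees which hosts serve scripts and what the inline scripts contain. A change made inside a script file at an already approved host, such as a compromised third-party service, leaves the host list unchanged, so those files need their contents hashed and compared as well.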
For broader protection against malware and ransomware, the National Cyber Security Centre (NCSC) provides comprehensive guidance and practical resources for UK organisations and individuals.
Consumers are advised to regularly review bank and card statements, use trusted devices when making online purchases and act quickly if they notice suspicious transactions.
Reporting cyber crime
If you believe you have been a victim of cyber crime, you should report the incident to Report Fraud by calling 0300 123 2040 or by visiting reportfraud.police.uk.
If you receive a suspicious or phishing email, it should be forwarded to the NCSC’s Suspicious Email Reporting Service (SERS) at report@phishing.gov.uk. Further advice on recognising and protecting yourself from phishing can be found on the NCSC website.





