Constantly evolving credit card skimming techniques are a new threat to holiday shoppers.

Researchers at cybersecurity firm Sansec have discovered a novel technique that inserts payment skimmers onto checkout pages. Malwarebytes told Fox News it has also seen this new trick.

The news was first reported by ZDNet.

This isn’t the old-style physical skimmer attached by criminals to, for example, gas pump credit card readers but code that lurks on retailer checkout pages. It is also referred to as e-skimming or a Magecart attack.

5 SAFE SHOPPING TIPS FOR THE HOLIDAYS FROM EXPERTS

“Online payment thieves developed a new method to hide payment skimmers in perfectly legitimate social media icons,” Joost Spanjerberg, a Sansec malware researcher, told Fox News in an email.  

Berlin, Germany - August 28: Symbolic photo on the subject of hackers and data security. Hands write on a computer keyboard on August 28, 2019 in Berlin, Germany.

Berlin, Germany - August 28: Symbolic photo on the subject of hackers and data security. Hands write on a computer keyboard on August 28, 2019 in Berlin, Germany. (Photo by Thomas Trutschel/Photothek via Getty Images)

Those buttons could include Facebook, Twitter, Linkedin, or any number of well-known social media sites.

“These malicious icons lurk on checkout pages of hacked stores, and log keystrokes of unsuspecting online shoppers. When you enter your credit card numbers, these icons will send your data to an offshore (often foreign) server for later collection,” Spanjerberg said.

The problem, Spanjerberg says, is that consumers have no idea it’s happening.

YOUR STOLEN CREDIT CARD MAY END UP HERE

“It is extremely hard for consumers to identify such fraud. Even for a trained professional, it takes hours to examine a store for possible payment skimmers. Actually, only merchants can prevent this kind of theft by running an ecommerce malware scanner on their server,” he said.

Anti-malware software firm Malwarebytes has also been tracking this.

“We have seen this latest trick and recorded a handful of sites that are currently infected with it,” Jérôme Segura, director of threat intelligence at Malwarebytes told Fox News.

“We believe this is a natural evolution in the cat-and-mouse game between [bad] actors and defenders," he said, adding that credit card skimmers used to be rudimentary and could be easily spotted.

FBI WARNS OF NEW CORONAVIRUS EMAIL AUTO-FORWARDING SCAM

Not anymore. “Criminals have upped their game and have adopted several different techniques to hide that code,” he added.

Buyers beware                     

Magecart-style cyberattacks are becoming widespread. An attack happened recently to online stores that use Magento software.

Consumers are most vulnerable when they manually enter credit card information on a web form. That’s where a credit-card skimmer could be lurking.

CLICK HERE TO GET THE FOX NEWS APP

“Limit the number of times you have to manually enter your credit card data. Rely on platforms where that information is already stored in your account or use one-time payment options,” says Malwarebytes Lab, part of Malwarebytes.